[whatwg] Signatures in HTML5

Channy Yun channy at creation.net
Sat Mar 21 10:48:31 PDT 2009


Ian,

Anyway I thank you for your careful consideration and encouragement of
another activities.

Basically web signature must be implemented by browser venders because of an
example of XKMS's fail that Anders indicated. So we have to consider how to
do is cost effective and I think form processing with classical Netscape's
crypto.signText or MS's CertEnroll. Broweser vendor's cost will be cheap
rather than Anders's WASP or other methods.

I couldn't find proper position to treat this issue. Also W3C don't give an
opportunity to join as individual. (We must make another WHATWG like
activity? It's kidding.) I want for browser vendors to be interested in this
issue becasue many Asian and European government made own CA and want to do
now. The solution depends on only old and security risky "Plugin method"
such as Java and ActiveX.

If anyone knows good positions or opinion to discuss this issue, please let
me know.

Channy
---------------------
http://www.linkedin.com/in/channy

Daum Developers Network & Affiliates
http://dna.daum.net



On Sat, Mar 21, 2009 at 7:54 AM, Ian Hickson <ian at hixie.ch> wrote:

> On Thu, Jul 31, 2008 at 10:21 AM, Ian Hickson <ian at hixie.ch> wrote:
> >
> > Over the years a number of e-mails have been sent to the list about
> > signatures and other public key cryptography topics, most of which are
> > quoted below.
> >
> > For a number of reasons, not least of which my lack of expertise in the
> > area, the size of the HTML5 spec today, and the low level of demand for
> > these features, I have decided to not cover this topic in HTML5, and
> > instead rely on other groups to define these features.
>
> Since I wrote the above, a couple of people have reiterated their desire
> for HTML5 to address this issue.
>
> I would like to encourage people interested in this to approach the W3C or
> IETF and develop this as an independent technology. The expertise required
> for this is not the same as the expertise required for other features in
> HTML5, and it would be a mistake for such sensitive technology to not be
> written by experts in the signature and security field.
>
> --
> Ian Hickson               U+1047E                )\._.,--....,'``.    fL
> http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
> Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.whatwg.org/pipermail/whatwg-whatwg.org/attachments/20090322/2aa9cd59/attachment-0001.htm>


More information about the whatwg mailing list