[whatwg] <keygen> and X509 client cert mime type

henry.story at bblfish.net henry.story at bblfish.net
Tue Feb 25 06:01:57 PST 2014


  The keygen form element does a great job of specifying how the browser
creates a public/private key pair, stores the private key in it's local

"When the control's form is submitted, the private key is stored in the local keystore,
 and the public key is packaged and sent to the server."

It is clear that the intention is for the server to send back a certificate built 
from the public key. What I can't find is what the mime type of the returned 
certificate should be. I have been using `application/x-x509-user-cert` which 
seems to work for Safari, Firefox, Opera . But I think that is not an officially
supported certificate type. application/pkix-cert seems to be that after looking it
up on iana.

I ended up posting a bug report for Android on that.

But now I have to check for each browser which is the type all browsers support.
To avoid people having to do this research again and again, perhaps it would
be worth specifying a mime type that all browsers do/must support in the HTML5


Social Web Architect

More information about the whatwg mailing list