Re: <keygen>

On 15:02, Sun, 06/09/2015 Anders Rundgren <anders.rundgren.net@gmail.com>
wrote:

On 2015-09-06 04:28, Timothy Holborn wrote:
> Is there any good reason why <keygen> should no longer be supported?

If you look a bit deeper into the thread, it is rather X.509 certificates
for user authentication on the Web that is questioned.   Removing <keygen>
is
a first step for removing the rest.


Is there a security problem that means it should never be used?

If not; Does leaving it in, create any compatibility issues with anything
new?


BTW, Microsoft's new Browser "Edge" has (as far as I understand) already
removed
support for Web-based enrollment since CertEnroll builds on ActiveX which
also is removed.
For enterprise enrollment Microsoft has never relied on the Web

Anders

>
> I get having alternatives, thinking its good for flexibility and
innovation yet
 > bit like religions, conscription of a particular method isn't the best
option.
>
> So I haven't got clarity as to why it needs to be depreciated, regardless
of any other emerging alternatives...
>
> Can someone enlighten me?
>
> Tim.h.
>

Received on Sunday, 6 September 2015 06:05:25 UTC