W3C home > Mailing lists > Public > public-html@w3.org > September 2009

Re: <keygen> element

From: Jonas Sicking <jonas@sicking.cc>
Date: Mon, 7 Sep 2009 17:58:57 -0700
Message-ID: <63df84f0909071758k3cc02666q3347e0de151388a6@mail.gmail.com>
To: Maciej Stachowiak <mjs@apple.com>
Cc: Ian Hickson <ian@hixie.ch>, Sam Ruby <rubys@intertwingly.net>, Anne van Kesteren <annevk@opera.com>, Lachlan Hunt <lachlan.hunt@lachy.id.au>, HTML WG <public-html@w3.org>
On Sat, Sep 5, 2009 at 9:22 PM, Maciej Stachowiak<mjs@apple.com> wrote:
>
> On Sep 5, 2009, at 8:26 PM, Jonas Sicking wrote:
>
>> Putting just the <keygen> element, but none of the actual
>> functionality, thus allowing microsoft (or anyone else) to just
>> implement a very small amount of stubbed code seems like a political
>> solution. It wouldn't actually help any website authors, and it would
>> force UAs to still implement (and test) the stubbed code.
>>
>> Is there a reason we couldn't mark <keygen> conforming but
>> obsolete/deprecated? All UAs seem to want to deprecate and replace
>> (thus remove) the feature. Saying that it's obsolete and/or deprecated
>> would seem to reflect that fairly well.
>
> Marking it obsolete or deprecated would still make it required for IE to
> implement. (All current obsolete features in HTML5 are mandatory for
> implementations.) Do you think they should be allowed to not implement it?
>
> What marking it obsolete would do is result in a conformance error on every
> page using it - this seems orthogonal to Microsoft's concern, and at least
> to me it seems unhelpful. But perhaps you have some different concerns that
> would be addressed by making keygen obsolete.

My thinking was that marking it obsolete or deprecated would give
microsoft a pretty good story to their customers for not implementing
it.

However marking it optional would be even more explicit so that seems
good to me.

I do think it would also be good to make validators give authors a
warning when <keygen> is used. This would serve two purposes. First of
all it would warn people to not exclusively depend on <keygen> as it
doesn't (and likely never will) work in IE. Second, it would let them
know that it might stop working in other browsers in the future.

/ Jonas
Received on Tuesday, 8 September 2009 00:59:59 UTC

This archive was generated by hypermail 2.3.1 : Monday, 29 September 2014 09:39:07 UTC