W3C home > Mailing lists > Public > public-webcrypto-comments@w3.org > January 2013

Re: Prioritization of secondary features

From: Ryan Sleevi <sleevi@google.com>
Date: Thu, 31 Jan 2013 06:50:30 -0800
Message-ID: <CACvaWvY7wwWR+cwmp94E8-=0t6Pm7=-71Q-3Ss0=4_Qt=kpktw@mail.gmail.com>
To: Harry Halpin <hhalpin@w3.org>
Cc: mountie.lee@gmail.com, public-webcrypto-comments@w3.org, Anders Rundgren <anders.rundgren@telia.com>
Harry,

I believe you are misinformed. Both Chrome and Firefox support it, as does
WebKit proper (including iOS, I believe), and we do see usage of it for
large sites.

For example, the act of buying a cert via StartSSL will have the user
generate a key via key gen for the user cert to access the control panel.
For browsers that don't support keygen (such as IE), they use browser
specific solutions like XEnroll.

So I am not sure where you are getting your information. There are
solutions in the space now, both the standardized and the nonstandardized
stink, and there is no good browser interoperability.

However, none of that is a reason this WG should take on an item if the
vendors are not involved or interested in a replacement. It would just end
up another unimplemented standard.
On Jan 31, 2013 4:44 AM, "Harry Halpin" <hhalpin@w3.org> wrote:

> On 01/31/2013 08:37 AM, Anders Rundgren wrote:
>
>> Hi Mountie & list,
>>
>> http://lists.w3.org/Archives/**Public/public-webcrypto/**
>> 2013Jan/0081.html<http://lists.w3.org/Archives/Public/public-webcrypto/2013Jan/0081.html>
>>
>> I agree that this is important.
>>
>> I believe though that the individual items would gain by slightly more
>> "meat" including a connection to use-cases.
>>
>> Multiple key containers: Although key-containers is my favorite subject
>> there's actually a virtual *ocean* dividing *using* keys and *enrolling*
>> keys unless we are continuing on the path which has [rightfully] been
>> shunned by the market such as W3C's <keygen>:
>>
>>      http://www.w3.org/TR/html-**markup/keygen.html<http://www.w3.org/TR/html-markup/keygen.html>
>>
>
> The obsession with keygen strikes me as odd. It's a legacy feature that
> W3C has never endorsed and best practice is to ignore, as many browsers
> plan never to support. Its included in HTML5 as a legacy feature. I think I
> stated that to you before, Anders, as well as others.
>
> Thanks for reminder though, I'll email HTML5 and make sure that this page
> points that out as its obvious its still causing confusion.
>
>  Disrespecting the fact that the Web Crypto WG doesn't seem to enjoy this
>> topic, I'm 100% sure that the Google wallet doesn't use anything like
>> <keygen>, CMP or similar PKIX-related protocols.  Presumably for a reason...
>>
>> Thanx
>> Anders
>>
>>
>>
>
>
Received on Thursday, 31 January 2013 14:51:00 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Thursday, 31 January 2013 14:51:01 GMT