[whatwg] A few comments on the <keygen> tag

On Jun 4, 2009, at 1:26 AM, Jonas Sicking wrote:

> On Wed, Jun 3, 2009 at 3:52 PM, Ian Hickson <ian at hixie.ch> wrote:
>> On Wed, 15 Apr 2009, Anders Rundgren wrote:
>>>
>>> Now to the really problematic stuff:  <keygen> is not really an HTML
>>> tag, it is actually 2 phases of a 3-phase key provisioning protocol.
>>> I don't see why a protocol should be plugged into a page GUI.  The
>>> alternatives all use APIs or specific plugins that indeed may be  
>>> spawned
>>> from an HTML page but that's something completely different.
>>
>> I agree, <keygen> seems like a poor design. That's one of the  
>> reasons I
>> didn't extend it in HTML5; we're just defining what it does in  
>> browsers so
>> that new browsers can implement it if they want to be compatible  
>> with the
>> existing browsers.
>
> We could possibly make it non-conforming though. I don't have a strong
> opinion either way, on one hand I think we want to discourage its use
> since it's a pretty crappy feature, on the other hand, I'm not sure
> that the people that are using it have a choice, so making it
> non-conforming without providing any alternatives isn't going make
> anyone stop using it.

I share your distaste for <keygen>. But I also agree that it's  
unhelpful to make it nonconforming without providing an alternative.  
Maybe in HTML6, if we develop a better solution in the meantime.

  - Maciej

Received on Thursday, 4 June 2009 01:34:03 UTC