Fwd: <keygen>

fyi.  While not in scope for this group, I suspect that some of you  
might want to chime in with an opinion (or maybe not).
--
Thomas Roessler, W3C  <tlr@w3.org>







Begin forwarded message:

> From: Ian Hickson <ian@hixie.ch>
> Date: 6 January 2009 13:40:48 CEST
> To: whatwg@whatwg.org
> Subject: <keygen>
>
>
> Over the years, several people (most of them bcc'ed) have asked for  
> HTML5
> to include a definition of <keygen>. Some have even gone as far as  
> finding
> documentation on the element -- thank you.
>
> As I understand it based on the documentation, <keygen> basically
> generates a public/private asymmetric cryptographic key pair, and then
> sends the public component as its form value.
>
> Unfortunately, this seems completely and utterly useless, as at no  
> point
> does there seem to be any way to ever use the private component  
> either for
> signing or for decrypting anything, nor does there appear to be a  
> way to
> use the certificate for authentication.
>
> Without further information along these lines describing how to  
> actually
> make practical use of the element, I do not intend to document  
> <keygen> in
> the HTML5 specification. If anyone can fill in these holes that  
> would be
> very helpful.
>
> Cheers,
> -- 
> Ian Hickson               U+1047E                ) 
> \._.,--....,'``.    fL
> http://ln.hixie.ch/       U+263A                /,   _.. \   _ 
> \  ;`._ ,.
> Things that are impossible just take longer.   `._.-(,_..'-- 
> (,_..'`-.;.'
>

Received on Tuesday, 6 January 2009 12:47:14 UTC