On Sep 6, 2009, at 3:58 AM, Sam Ruby wrote:
> Maciej Stachowiak wrote:
>> What marking it obsolete would do is result in a conformance error
>> on every page using it - this seems orthogonal to Microsoft's
>> concern, and at least to me it seems unhelpful. But perhaps you
>> have some different concerns that would be addressed by making
>> keygen obsolete.
>
> While error might be overkill, unless the expectation is that this
> element will be universally implemented, a warning does seem in order.
A warning would be acceptable, but all it could really tell you is to
make sure your page has an alternate solution for IE. For now at
least, it could not point you to a solution that works cross-browser.
(Aside: if one thinks a warning for an everyone-but-IE feature has
significant value, then that would imply IE's refusal to implement has
significant interoperability cost. I personally don't think either is
true.)
If we had a superior cross-browser solution ready, then obsoleting
would undoubtedly be the right way to go. I hope Mozilla and Microsoft
strongly consider making some proposals in this area, since they have
the experience of deploying extended crypto APIs in the browser. I can
get Apple security experts to review proposed APIs, but we're do not
have the expertise or bandwidth to design a brand new API from scratch
Regards,
Maciej