Re: <keygen> element

On Sat, Sep 5, 2009 at 9:22 PM, Maciej Stachowiak<mjs@apple.com> wrote:
>
> On Sep 5, 2009, at 8:26 PM, Jonas Sicking wrote:
>
>> Putting just the <keygen> element, but none of the actual
>> functionality, thus allowing microsoft (or anyone else) to just
>> implement a very small amount of stubbed code seems like a political
>> solution. It wouldn't actually help any website authors, and it would
>> force UAs to still implement (and test) the stubbed code.
>>
>> Is there a reason we couldn't mark <keygen> conforming but
>> obsolete/deprecated? All UAs seem to want to deprecate and replace
>> (thus remove) the feature. Saying that it's obsolete and/or deprecated
>> would seem to reflect that fairly well.
>
> Marking it obsolete or deprecated would still make it required for IE to
> implement. (All current obsolete features in HTML5 are mandatory for
> implementations.) Do you think they should be allowed to not implement it?
>
> What marking it obsolete would do is result in a conformance error on every
> page using it - this seems orthogonal to Microsoft's concern, and at least
> to me it seems unhelpful. But perhaps you have some different concerns that
> would be addressed by making keygen obsolete.

My thinking was that marking it obsolete or deprecated would give
microsoft a pretty good story to their customers for not implementing
it.

However marking it optional would be even more explicit so that seems
good to me.

I do think it would also be good to make validators give authors a
warning when <keygen> is used. This would serve two purposes. First of
all it would warn people to not exclusively depend on <keygen> as it
doesn't (and likely never will) work in IE. Second, it would let them
know that it might stop working in other browsers in the future.

/ Jonas

Received on Tuesday, 8 September 2009 00:59:59 UTC