Re: [WebCrypto.Next] Support for HTML5's "keygen" in Windows and iOS from Tony Arcieri on 2015-02-14 (public-web-security@w3.org from February 2015)

From: Tony Arcieri <bascule@gmail.com>
Date: Sat, 14 Feb 2015 13:33:19 -0800
To: Anders Rundgren <anders.rundgren.net@gmail.com>
Cc: "public-web-security@w3.org" <public-web-security@w3.org>
Message-ID: <CAHOTMV+XZ9X6016gk-ymh4erLDqgjs0vm=2FnAJ2q71=z_rviw@mail.gmail.com>

Keygen was created in the absence of a good user experience story. X.509
client certificates are already extremely problematic from a UX
perspective, and <keygen> just makes it worse with a confusing onboarding
workflow.

I will note that Microsoft is supporting U2F in Windows 10

On Fri, Feb 13, 2015 at 11:43 PM, Anders Rundgren <
anders.rundgren.net@gmail.com> wrote:

> Microsoft haven't implemented HTML5's keygen in spite of being a
> "standard".
> The same is valid for iOS.
>
> This makes the use of X.509 certificates quite quirky.
>
> What's the way ahead then?  Since the world [apparently] is divided a
> better path
> could be to offer a web interface that allows you to implement the
> "keygen" you want.
>
> You see a pattern here?  No?
>
> Anders
>
>
>
>


-- 
Tony Arcieri

Received on Tuesday, 17 February 2015 08:05:22 UTC