RE: [WebCrypto.Next] Support for HTML5's "keygen" in Windows and iOS from ANDREAE Philip on 2015-02-17 (public-web-security@w3.org from February 2015)

From: ANDREAE Philip <P.Andreae@oberthur.com>
Date: Tue, 17 Feb 2015 13:29:03 +0000
To: Tony Arcieri <bascule@gmail.com>, Anders Rundgren <anders.rundgren.net@gmail.com>
CC: "public-web-security@w3.org" <public-web-security@w3.org>
Message-ID: <09D719D29942B940B45930011FD043CE02BCC1@USCHSERV47.americas.oberthurcs.com>

Be careful with the following assertion  I will note that Microsoft is supporting U2F in Windows 10

Philip Andreae
Tel: +1 (404) 680 9640

From: Tony Arcieri [mailto:bascule@gmail.com]
Sent: Saturday, February 14, 2015 4:33 PM
To: Anders Rundgren
Cc: public-web-security@w3.org
Subject: Re: [WebCrypto.Next] Support for HTML5's "keygen" in Windows and iOS

Keygen was created in the absence of a good user experience story. X.509 client certificates are already extremely problematic from a UX perspective, and <keygen> just makes it worse with a confusing onboarding workflow.

I will note that Microsoft is supporting U2F in Windows 10

On Fri, Feb 13, 2015 at 11:43 PM, Anders Rundgren <anders.rundgren.net@gmail.com<mailto:anders.rundgren.net@gmail.com>> wrote:
Microsoft haven't implemented HTML5's keygen in spite of being a "standard".
The same is valid for iOS.

This makes the use of X.509 certificates quite quirky.

What's the way ahead then?  Since the world [apparently] is divided a better path
could be to offer a web interface that allows you to implement the "keygen" you want.

You see a pattern here?  No?

Anders

--
Tony Arcieri

Received on Tuesday, 17 February 2015 13:34:33 UTC