On replacing <keygen>

This topic is mentioned here:
http://www.w3.org/2012/07/24-crypto-minutes.html

<CryptoRant>

MD5 is hardly _the_ show-stopper.   Weak cryptographic solutions are IMO only
a problem when exposed to malicious third-parties which isn't the case here since
most serious CAs use HTTPS during enrollment.   If you're "phished" you are likely
to be toast anyway regardless of the technical strength of the request signature.

The cryptographic solution in <keygen> isn't really a security solution either since
<keygen> does in no way vouch for the origin of the key-pair; it is a data integrity
check, that the user-agent (in some way) managed creating a valid key-pair.

This should rather be compared with static passwords which are used by *billions*
of users each day and that's a really weak cryptographic solution (algorithm=NULL).

</CryptoRant>


<SoWhatIsTheProblemThen>

- Horrible user interface.  Strong or medium strength keys have no meaning for 99.999% of the worlds population.
- Horrible issuer interface.  Did the poor user actually got his/her certificate?
- No PIN support
- No key-origin support
- No client-key agility support

</SoWhatIsTheProblemThen>


<Solution>

I believe these issues have already been addressed in Google Wallet 2.0 :-)

</Solution>

Anders

Received on Wednesday, 15 August 2012 18:17:10 UTC