- From: Ryan Sleevi <sleevi@google.com>
- Date: Thu, 31 Jan 2013 06:50:30 -0800
- To: Harry Halpin <hhalpin@w3.org>
- Cc: mountie.lee@gmail.com, public-webcrypto-comments@w3.org, Anders Rundgren <anders.rundgren@telia.com>
- Message-ID: <CACvaWvY7wwWR+cwmp94E8-=0t6Pm7=-71Q-3Ss0=4_Qt=kpktw@mail.gmail.com>
Harry, I believe you are misinformed. Both Chrome and Firefox support it, as does WebKit proper (including iOS, I believe), and we do see usage of it for large sites. For example, the act of buying a cert via StartSSL will have the user generate a key via key gen for the user cert to access the control panel. For browsers that don't support keygen (such as IE), they use browser specific solutions like XEnroll. So I am not sure where you are getting your information. There are solutions in the space now, both the standardized and the nonstandardized stink, and there is no good browser interoperability. However, none of that is a reason this WG should take on an item if the vendors are not involved or interested in a replacement. It would just end up another unimplemented standard. On Jan 31, 2013 4:44 AM, "Harry Halpin" <hhalpin@w3.org> wrote: > On 01/31/2013 08:37 AM, Anders Rundgren wrote: > >> Hi Mountie & list, >> >> http://lists.w3.org/Archives/**Public/public-webcrypto/** >> 2013Jan/0081.html<http://lists.w3.org/Archives/Public/public-webcrypto/2013Jan/0081.html> >> >> I agree that this is important. >> >> I believe though that the individual items would gain by slightly more >> "meat" including a connection to use-cases. >> >> Multiple key containers: Although key-containers is my favorite subject >> there's actually a virtual *ocean* dividing *using* keys and *enrolling* >> keys unless we are continuing on the path which has [rightfully] been >> shunned by the market such as W3C's <keygen>: >> >> http://www.w3.org/TR/html-**markup/keygen.html<http://www.w3.org/TR/html-markup/keygen.html> >> > > The obsession with keygen strikes me as odd. It's a legacy feature that > W3C has never endorsed and best practice is to ignore, as many browsers > plan never to support. Its included in HTML5 as a legacy feature. I think I > stated that to you before, Anders, as well as others. > > Thanks for reminder though, I'll email HTML5 and make sure that this page > points that out as its obvious its still causing confusion. > > Disrespecting the fact that the Web Crypto WG doesn't seem to enjoy this >> topic, I'm 100% sure that the Google wallet doesn't use anything like >> <keygen>, CMP or similar PKIX-related protocols. Presumably for a reason... >> >> Thanx >> Anders >> >> >> > >
Received on Thursday, 31 January 2013 14:51:00 UTC