- From: Lars <sunberg@gmail.com>
- Date: Wed, 9 Jul 2008 14:56:11 +0200
Hi This is using TLS/SSL. Example: You tell your webserver that under directory /secure/ the client must have a certificate signed by CA1. For the client to get this certificate you normally make it, sign it, and them import it to the browser. With the <keygen> attribute, all this is done in a clean more secure way. The browser is generating everything, sends the public key with SPKAC (http://www.openssl.org/docs/apps/spkac.html) to the server. So as you see, its not an replacement of TLS/SSL in any way. Its just a better way to do it. -- Lars On Wed, Jul 9, 2008 at 2:35 PM, Rimantas Liubertas <rimantas at gmail.com> wrote: > <...> >> For those of you who doesn't know what this element is doing; Its for >> generating a private/public certificate keypair. The browser keeps the >> private one, and the server gets the public one which it signs and >> then sends back to the browser. This is extremely useful for secure >> verification. Netbanks and other heavy security sites should/are using >> this. > <...> >> Is there any hope for this element? What information does which people >> want to make this an HTML5 standard? > > Hi, > how is this better than SSL/TLS? > > > Regards, > Rimantas > -- > http://rimantas.com/ >
Received on Wednesday, 9 July 2008 05:56:11 UTC