- From: Jonas Sicking <jonas@sicking.cc>
- Date: Fri, 17 Apr 2009 14:16:35 -0700
On Thu, Apr 16, 2009 at 9:22 PM, Anders Rundgren <anders.rundgren at telia.com> wrote: > "Nelson B Bolyard" wrote [to the WHATWG list]: > Based on WHATWG comments, this it is not really about standardization > but about documenting the current practice for key generation in the HTML > layer without comparing this to other ways of achieving the similar goals > including generateCRMFRequest. ?JavaScript is thus outside of the > scope AFAICT. The <keygen> discussion is not about creating a new standard, that is correct. It is about standardizing current practices that are required by *todays* browsers in order to be compatible with the web and thus considered by users. As for coming up with a new, better standard for accomplishing what keygen was originally envisioned to do, way back when, I think this would be a great idea. Nothing is out of scope for such a new standard. However the apropriate standards organization and working group should be used. So for example if the new solution is a pure javascript API, then either the webapps wg in w3c, or some security related standards org seems more apropriate than whatwg. If on the other hand a new HTML element is proposed, then this list seems like a fine place for such a discussion. Hope that makes sense? / Jonas
Received on Friday, 17 April 2009 14:16:35 UTC