- From: Bjoern Hoehrmann <derhoermi@gmx.net>
- Date: Tue, 06 Jan 2009 14:16:04 +0100
* Ian Hickson wrote: >Over the years, several people (most of them bcc'ed) have asked for HTML5 >to include a definition of <keygen>. Some have even gone as far as finding >documentation on the element -- thank you. > >As I understand it based on the documentation, <keygen> basically >generates a public/private asymmetric cryptographic key pair, and then >sends the public component as its form value. > >Unfortunately, this seems completely and utterly useless, as at no point >does there seem to be any way to ever use the private component either for >signing or for decrypting anything, nor does there appear to be a way to >use the certificate for authentication. You don't say which documentation you read, but the original Netscape documentation was rather clear that the private component is stored in the local keystore, and from there you can of course use it when a site requests that you identify yourself with a certificate. http://developer.netscape.com/docs/manuals/htmlguid/tags10.htm once had: The KEYGEN tag facilitates the generation of key material and submission of the public key as part of an HTML form. This mechanism is designed for use in web-based certificate management systems. It displays a menu of key-size choices from which the user must choose one. Then, when the submit button is clicked, a key pair of the selected size is generated. The private key is encrypted and stored in the local key database. -- Bj?rn H?hrmann ? mailto:bjoern at hoehrmann.de ? http://bjoern.hoehrmann.de Am Badedeich 7 ? Telefon: +49(0)160/4415681 ? http://www.bjoernsworld.de 25899 Dageb?ll ? PGP Pub. KeyID: 0xA4357E78 ? http://www.websitedev.de/
Received on Tuesday, 6 January 2009 05:16:04 UTC