[whatwg] A few comments on the <keygen> tag

On Wed, 15 Apr 2009, Anders Rundgren wrote:
>
> Now to the really problematic stuff:  <keygen> is not really an HTML 
> tag, it is actually 2 phases of a 3-phase key provisioning protocol.
> I don't see why a protocol should be plugged into a page GUI.  The 
> alternatives all use APIs or specific plugins that indeed may be spawned 
> from an HTML page but that's something completely different.

I agree, <keygen> seems like a poor design. That's one of the reasons I 
didn't extend it in HTML5; we're just defining what it does in browsers so 
that new browsers can implement it if they want to be compatible with the 
existing browsers.


On Wed, 15 Apr 2009, Maciej Stachowiak wrote:
> 
> HTML5 is meant to specify every HTML feature that you need to implement 
> a browser than can handle the real-world Web. At this point, anyone 
> implementing a new browser engine would have to support <keygen>. 
> However, none of this rules out the possibility of putting more advanced 
> crypto functionality into browsers, either via HTML or a separate spec. 

Indeed.

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'

Received on Wednesday, 3 June 2009 15:52:42 UTC