W3C home > Mailing lists > Public > whatwg@whatwg.org > June 2009

[whatwg] A few comments on the <keygen> tag

From: Ian Hickson <ian@hixie.ch>
Date: Wed, 3 Jun 2009 22:52:42 +0000 (UTC)
Message-ID: <Pine.LNX.4.62.0906032244480.1648@hixie.dreamhostps.com>
On Wed, 15 Apr 2009, Anders Rundgren wrote:
>
> Now to the really problematic stuff:  <keygen> is not really an HTML 
> tag, it is actually 2 phases of a 3-phase key provisioning protocol.
> I don't see why a protocol should be plugged into a page GUI.  The 
> alternatives all use APIs or specific plugins that indeed may be spawned 
> from an HTML page but that's something completely different.

I agree, <keygen> seems like a poor design. That's one of the reasons I 
didn't extend it in HTML5; we're just defining what it does in browsers so 
that new browsers can implement it if they want to be compatible with the 
existing browsers.


On Wed, 15 Apr 2009, Maciej Stachowiak wrote:
> 
> HTML5 is meant to specify every HTML feature that you need to implement 
> a browser than can handle the real-world Web. At this point, anyone 
> implementing a new browser engine would have to support <keygen>. 
> However, none of this rules out the possibility of putting more advanced 
> crypto functionality into browsers, either via HTML or a separate spec. 

Indeed.

-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'
Received on Wednesday, 3 June 2009 15:52:42 UTC

This archive was generated by hypermail 2.4.0 : Wednesday, 22 January 2020 16:59:12 UTC