- From: Story Henry <henry.story@bblfish.net>
- Date: Tue, 14 Jul 2009 23:31:17 +0200
- To: Alex Korth <alex@ttbc.de>
- Cc: public-xg-socialweb@w3.org
On 14 Jul 2009, at 10:27, Alex Korth wrote: > The whole thing can only emerge. There will not be the one technical > implementation, but a variety of approaches that everyone chooses > from. The critical aspect is the emergence of interoperability and > openness, i.e. agreed exchange formats, protocols, license > agreements and certificates for privacy issues. But don't ask my > auntie to sign a certificate in her browser ;) > It turns out that signing a certificate in a browser is as easy as clicking a button. With the <keygen> element inserted in an html form, the browser will calculate a private/public key pair, send the public key in the form POST, which the server can then retrieve and build an X509 certificate which it can then send back to the browser (usually in an iframe). The browser (Safari, Firefox, or Opera at least) will then link the public and the private key, and place it in the keychain. You can try this out using the service such as http://test.foafssl.org/cert/ It is now documented in the html5 spec at: http://www.whatwg.org/specs/web-apps/current-work/#the-keygen-element Henry > Cheers, > Alex
Received on Tuesday, 14 July 2009 21:32:08 UTC