W3C home > Mailing lists > Public > public-xg-socialweb@w3.org > July 2009

Re: FYI: Blog post about Web of Identities

From: Story Henry <henry.story@bblfish.net>
Date: Tue, 14 Jul 2009 23:31:17 +0200
Cc: public-xg-socialweb@w3.org
Message-Id: <6D041C51-C7FC-4BAB-9496-EE0C58601A99@bblfish.net>
To: Alex Korth <alex@ttbc.de>

On 14 Jul 2009, at 10:27, Alex Korth wrote:

> The whole thing can only emerge. There will not be the one technical  
> implementation, but a variety of approaches that everyone chooses  
> from. The critical aspect is the emergence of interoperability and  
> openness, i.e. agreed exchange formats, protocols, license  
> agreements and certificates for privacy issues. But don't ask my  
> auntie to sign a certificate in her browser ;)
>

It turns out that signing a certificate in a browser is as easy as  
clicking a button.

With the <keygen> element inserted in an html form, the browser will  
calculate a private/public key pair, send the public key in the form  
POST, which the server can then retrieve and build an X509 certificate  
which it can then send back to the browser (usually in an iframe). The  
browser (Safari, Firefox, or Opera at least) will then link the public  
and the private key, and place it in the keychain.

You can try this out using the service such as http://test.foafssl.org/cert/

It is now documented in the html5 spec at:

	http://www.whatwg.org/specs/web-apps/current-work/#the-keygen-element

Henry

> Cheers,
> Alex
Received on Tuesday, 14 July 2009 21:32:08 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:39:08 UTC