W3C home > Mailing lists > Public > www-tag@w3.org > September 2015

Re: Agenda: <keygen> being destroyed when we need it

From: Henry Story <henry.story@co-operating.systems>
Date: Fri, 4 Sep 2015 14:54:13 +0200
Cc: Carvalho Melvin <melvincarvalho@gmail.com>, Tim Berners-Lee <timbl@w3.org>, TAG List <www-tag@w3.org>
Message-Id: <536A8505-545D-4158-BC3B-D746D4FBB038@co-operating.systems>
To: Wendy Selzer <wseltzer@w3.org>

> On 2 Sep 2015, at 14:15, Wendy Seltzer <wseltzer@w3.org> wrote:
> 
> On 09/02/2015 04:06 AM, Melvin Carvalho wrote:
>> On 1 September 2015 at 16:08, Tim Berners-Lee <timbl@w3.org> wrote:
>> 
>>> Folks
>>> 
>>> There is a strong move my Google chrome team followed by Firefox to remove
>>> the <keygen> tag from HTML5.   This has been done without an issue being
>>> raised in the WHATWG  or HTMLWG apparently.
>>> 
>>> <keygen> is important because it allows authentication systems to be build
>>> in a distributed manner. It allows any Mom and Pop shop place to share
>>> public keys for people they trust.    For example, MIT uses it to create
>>> secure relationship with faculty and staff, and I use it for friends and
>>> family.
>>> 
>>> Public key asymmetric crypto is generally so much stronger than the
>>> password-based authentication.  It requires certificate management code to
>>> be written.
>>> 
>> 
>> IMHO we need an area of the browser under a user's control
> 
> That seems like a different, and more interesting requirement than
> "keygen."
> 
> Keygen was a poorly designed, inconsistently implemented feature, that
> many sophisticated users and developers found confusing. If we can
> instead define what features we want to be able to build, and what they
> depend on that's not provided by WebCrypto, and think about how we can
> enable users to access these features without opening themselves up to
> be phished or tracked, that feels like a more productive avenue for
> discussion than "bring back keygen".

I think this is much too harsh on keygen btw. What is happening may be
that the documentation in the HTML5 was not good enough at explaining how
it worked. After a discussion on the WhatWG where one key argument against
keygen turned out that it was insecure because of its use of MD5, and after an off
list pointer to what the aleged reason of the problem was I wrote a detailed
response to the WHATWG showing that MD5 has no effect on keygen, and 
ansuggesting that improved wording of the spec may help diffuse this 
misunderstanding.
 
   https://github.com/whatwg/html/issues/102

This did not stop the issue being closed within 15 minutes of my opening the
issue. ( and I seem to be filterd now on the WHATWG mailing list ).

Henry
 	 	

> 
> --Wendy
> 
> 
> -- 
> Wendy Seltzer -- wseltzer@w3.org +1.617.715.4883 (office)
> Policy Counsel and Domain Lead, World Wide Web Consortium (W3C)
> http://wendy.seltzer.org/        +1.617.863.0613 (mobile)
Received on Friday, 4 September 2015 12:54:49 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 22:57:12 UTC