Quoting Enrico Zini (2016-04-10 11:20:51) > On Sun, Apr 10, 2016 at 11:20:07AM +0200, Jonas Smedegaard wrote: >>> If WebID has a workable plan for what to do after <keygen> >>> disappears, I haven't seen it. If you have, please send me precise >>> details[1]: I haven't seen any in >>> https://www.w3.org/mid/20150730174424.GA7779@c >> >> I am unaware of them being magicians. Some of them have put together >> Javascript for execution in the browser. I guess you already know >> about (and dislike) that workaround. > > I don't know of that workaround, and you didn't send me a link to any > detail about it. Sorry, I was mistaken: I (wrongly!) understood from past discussions that some had made a javascript shim for keygen (and others being strongly sceptic about the security implications of that), but looking closer I now realize that javascript approaches to client-side certs only at most do pure-JS computation of the key but then spit out the result as a file for the user to manually install - i.e. _not_ handling the keygen part after all (if I have understood this correctly). Here's summaries for the main WebID implementations: https://www.w3.org/wiki/Foaf%2Bssl/IDP - among those, I believe only the myprofile.eu is not entangled in a large database infrastructure - but unfortunate myprofile.eu seems currently down... :-/ As I recall, the central piece for generating X.509 as client-side Javascript with myprofile.eu is https://github.com/juliangruber/keypair - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private
Attachment:
signature.asc
Description: signature