On Tue, Jun 02, 2009 at 01:59:47AM +0300, Eddy Nigg wrote:
> On 04/07/2009 06:37 AM, Ian Hickson:
>> I have now specified the <keygen> element in HTML5.
>>
>>     http://www.whatwg.org/specs/web-apps/current-work/#the-keygen-element
>>
>> I would appreciate review by people who know what this stuff means, as
>> I'll be the first to admit not having any idea what I'm doing here.
>>

the standard should make it clear how the signed response is handled.

currently, after you visit a malicious page the only thing you see is:
"your certificate is installed [OK]"
the certificate can be issued to whatever name the attacker chooses.
if an attacker can force a weak private key which is later broken, it
can be self signed and stored on the poor user's machine - this is not
much fun anymore.

i think the standard should write something like:
after receiving the certificate, the user must be given an option to
examine it and to ignore it.

there is a bugzilla bug exactly about it - can't remember the # ATM

-- 
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
