On 04/01/2013 02:46 PM, Brian Smith wrote:
See https://bugzilla.mozilla.org/show_bug.cgi?id=524664 (bug 524664) and
See
https://developer.mozilla.org/en-US/docs/JavaScript_crypto/generateCRMFRequest
My understanding is that <keygen> is supposed to replace
window.crypto.generateCRMFRequest.
So keygen was first, window.crypto.generateCRMFRequest() was made to fix
some issues (and get some features like key-recovery). The new effort in
<keygen> I think was meant to address those issues.
I have no idea how common window.crypto.generateCRMFRequest is. Is it obsolete?
Should it be removed? Does anybody have a link to a site that is using it for
its intended purpose?
If it is obsolete, I would like to remove it ASAP.
I'm pretty sure it's still used by produces like this one:
http://pki.fedoraproject.org/wiki/PKI_Main_Page
I don't think you can remove it for a while. Server deployments lag
client features by quite a few years. Servers don't implement new
features supplied in clients until they are release. This type of
feature isn't quite like a normal html feature, where you can update a
.hmtl file or a content manager macro. These tags are usually tied more
closely to the servers that use them.
More generally, I would like to remove all the Mozilla-proprietary methods and
properties from window.crypto; i.e. all the ones
athttps://developer.mozilla.org/en-US/docs/JavaScript_crypto. Some of them are
actually pretty problematic. Are there any worth keeping?
I'd say you probably can't do that wholesale, but you probably can
review and cull this list, particularly if there are good replacements.
Thanks,
Brian
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
