On 2013-04-01 23:46, Brian Smith wrote: > See https://bugzilla.mozilla.org/show_bug.cgi?id=524664 (bug 524664) and > See > https://developer.mozilla.org/en-US/docs/JavaScript_crypto/generateCRMFRequest > > My understanding is that <keygen> is supposed to replace > window.crypto.generateCRMFRequest. > > I have no idea how common window.crypto.generateCRMFRequest is. Is it > obsolete?
The entire certificate system (including soft token storage) is obsolete. All big consumer-PKIs are deploying their own counterparts since ages ago. Now with mobile devices with embedded security hardware like in most high-end Android phones, there's a ocean-wide gap between the browser and platform. > Should it be removed? Does anybody have a link to a site that is using it for > its intended purpose? You cannot remove until there is an established replacement that matches the legitimate requirements people have on on-line certificate enrollment. Anders > If it is obsolete, I would like to remove it ASAP. > > More generally, I would like to remove all the Mozilla-proprietary methods > and properties from window.crypto; i.e. all the ones > athttps://developer.mozilla.org/en-US/docs/JavaScript_crypto. Some of them > are actually pretty problematic. Are there any worth keeping? > > Thanks, > Brian > -- dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
