On Wednesday 29 July 2015 16:35:41 David Keeler wrote: > [cc'd to dev-security for visibility. This discussion is intended to > happen on dev-platform; please reply to that list.] > > Ryan Sleevi recently announced the pre-intention to deprecate and > eventually remove support for the <keygen> element and special-case > handling of the application/x-x509-*-cert MIME types from the blink > platform (i.e. Chrome). > > Rather than reiterate his detailed analysis, I'll refer to the post here: > > https://groups.google.com/a/chromium.org/d/msg/blink-dev/pX5NbX0Xack/kmHsyMG > JZAMJ
<snarky sarcasm> Well, gmail doesn't support S/MIME or GPG/MIME so obviously <keygen> is useless and should be removed. </snarky sarcasm> > Much, if not all, of that reasoning applies to gecko as well. > Furthermore, it would be a considerable architectural improvement if > gecko were to remove these features (particularly with respect to e10s). > Additionally, if they were removed from blink, the compatibility impact > of removing them from gecko would be lessened. > > I therefore propose we follow suit and begin the process of deprecating > and removing these features. The intention of this post is to begin a > discussion to determine the feasibility of doing so. because pushing people to use Internet Explorer^W^W Spartan^W Edge in enterprise networks is a good plan to continue loosing market share for Mozilla products! /s lack of easy, cross-application certificate deployment is the _reason_ for low rates of deployment of client certificates, but where they are deployed, they are _critical_ you really suggest I should tell regular people to copy paste CSR's, keep safe their private keys and be able to pair keys to certs when even programmers and system administrators have problems with current certificate deployments? (user certs vs web server certs) suggesting removal of such a feature because is not often used is like suggesting removal of mains valve because it is not used often And I say it as a former sysadmin, not Red Hat employee. -- Regards, Hubert Kario
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
