among other things, because <keygen> is not a standardized mechanism.
-Kyle H On Thu, Dec 25, 2008 at 4:10 AM, Michael Ströder <mich...@stroeder.com> wrote: > Eddy Nigg wrote: >> I think Thawte uses the keygen tag as well. This is a signed public key >> and challenge (SPKAC). > > I also thought so. But there is some Javascript and the HTML looks like > this: > > <select name="spkac" challenge="tURRaHXxYBDwCk58"><option>2048 (High > Grade)</option><option>1024 (Medium Grade)</option></select> > > This is definitely not a <keygen> tag. If I disable Javascript and press > [Next] it won't work. Hmm, strange. I've examined the data traffic > exchanged with livehttpheaders. The data I've grabbed looks like a SPKAC > blob but I really wonder why the hell they are not using <keygen>. > > Ciao, Michael. > _______________________________________________ > dev-tech-crypto mailing list > dev-tech-crypto@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-tech-crypto > _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto