Short URL: http://html5.org/r/2960
| SVN | Bug | Comment | Time (UTC) |
|---|---|---|---|
| 2960 | | | 2009-04-07 03:48 |
Index: source
===================================================================
--- source (revision 2959)
+++ source (revision 2960)
@@ -37662,6 +37662,317 @@
+ <h4>The <dfn><code>keygen</code></dfn> element</h4>
+
+ <dl class="element">
+ <dt>Categories</dt>
+ <dd><span>Flow content</span>.</dd>
+ <dd><span>Phrasing content</span>.</dd>
+ <dd><span>Interactive content</span>.</dd>
+ <dd><span title="category-listed">Listed</span>, <span title="category-label">labelable</span>, <span title="category-submit">submittable</span>, and <span title="category-reset">resettable</span> <span>form-associated element</span>.</dd>
+ <dt>Contexts in which this element may be used:</dt>
+ <dd>Where <span>phrasing content</span> is expected.</dd>
+ <dt>Content model:</dt>
+ <dd>Empty.</dd>
+ <dt>Content attributes:</dt>
+ <dd><span>Global attributes</span></dd>
+ <dd><code title="attr-fe-autofocus">autofocus</code></dd>
+ <dd><code title="attr-keygen-challenge">challenge</code></dd>
+ <dd><code title="attr-fe-disabled">disabled</code></dd>
+ <dd><code title="attr-fae-form">form</code></dd>
+ <dd><code title="attr-keygen-keytype">keytype</code></dd>
+ <dd><code title="attr-fe-name">name</code></dd>
+ <dt>DOM interface:</dt>
+ <dd>
+<pre class="idl">interface <dfn>HTMLKeygenElement</dfn> : <span>HTMLElement</span> {
+ attribute boolean <span title="dom-fe-autofocus">autofocus</span>;
+ attribute DOMString <span title="dom-keygen-challenge">challenge</span>;
+ attribute boolean <span title="dom-fe-disabled">disabled</span>;
+ readonly attribute <span>HTMLFormElement</span> <span title="dom-fae-form">form</span>;
+ attribute DOMString <span title="dom-keygen-keytype">keytype</span>;
+ attribute DOMString <span title="dom-fe-name">name</span>;
+
+ readonly attribute DOMString <span title="dom-keygen-type">type</span>;
+
+ readonly attribute boolean <span title="dom-cva-willValidate">willValidate</span>;
+ readonly attribute <span>ValidityState</span> <span title="dom-cva-validity">validity</span>;
+ readonly attribute DOMString <span title="dom-cva-validationMessage">validationMessage</span>;
+ boolean <span title="dom-cva-checkValidatity">checkValidity</span>();
+ void <span title="dom-cva-setCustomValidity">setCustomValidity</span>(in DOMString error);
+
+ readonly attribute <span>NodeList</span> <span title="dom-lfe-labels">labels</span>;
+};</pre>
+ </dd>
+ </dl>
+
+ <p>The <code>keygen</code> element <span>represents</span> a key
+ pair generator control. When the control's form is submitted, the
+ private key is stored in the local keystore, and the public key is
+ packaged and sent to the server.</p>
+
+ <p>The <dfn
+ title="attr-keygen-challenge"><code>challenge</code></dfn> attribute
+ may be specified. Its value will be packaged with the submitted
+ key.</p>
+
+ <p>The <dfn title="attr-keygen-keytype"><code>keytype</code></dfn>
+ attribute is an <span>enumerated attribute</span>. The following
+ table lists the keywords and states for the attribute — the
+ keywords in the left column map to the states listed in the cell in
+ the second column on the same row as the keyword.</p>
+
+ <table>
+ <thead> <tr> <th> Keyword <th> State
+ <tbody>
+ <tr>
+ <td> <code title="">rsa</code>
+ <td> <i title="">RSA</i>
+ </table>
+
+ <p>The <i>invalid value default</i> state is the <i
+ title="">unknown</i> state. The <i>missing value default</i> state
+ is the <i title="">RSA</i> state.</p>
+
+ <div class="impl">
+
+ <p>The user agent may expose a user interface for each
+ <code>keygen</code> element to allow the user to configure settings
+ of the element's key pair generator, e.g. the key length.</p>
+
+ <p>The <span title="concept-form-reset-control">reset
+ algorithm</span> for <code>keygen</code> elements is to set these
+ various configuration settings back to their defaults.</p>
+
+ <p>The element's <span title="concept-fe-value">value</span> is the
+ string returned from the following algorithm:</p>
+
+ <!-- XXXrefs:
+ [X690] http://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
+ -->
+
+ <ol>
+
+ <li>
+
+ <p>Use the appropriate step from the following list:</p>
+
+ <dl class="switch">
+
+ <!--
+
+ <dt>If the <code title="attr-keygen-keytype">keytype</code>
+ attribute is in the <i title="">EC</i> state</dt>
+
+ <dd>
+
+ <p>...
+
+ </dd>
+
+ http://www.mail-archive.com/dev-tech-crypto@lists.mozilla.org/msg05902.html
+
+ -->
+
+ <dt>If the <code title="attr-keygen-keytype">keytype</code>
+ attribute is in the <i title="">RSA</i> state</dt>
+
+ <dd>
+
+ <p>Generate an RSA key pair using the settings given by the
+ user, if appropriate.</p>
+
+ <p>Select an RSA signature algorithm from those listed in
+ section 7.2.1 ("RSA Signature Algorithm") of RFC2459. <a
+ href="#refsRFC2459">[RFC2459]</a></p>
+
+ </dd>
+
+ <dt>Otherwise, the <code
+ title="attr-keygen-keytype">keytype</code> attribute is in the <i
+ title="">unknown</i> state</dt>
+
+ <dd>
+
+ <p>The given key type is not supported. Return the empty string
+ and abort this algorithm.</p>
+
+ </dd>
+
+ </dl>
+
+ <p>Let <var title="">private key</var> be the generated private key.</p>
+
+ <p>Let <var title="">public key</var> be the generated public key.</p>
+
+ <p>Let <var title="">signature algorithm</var> be the selected
+ signature algorithm.</p>
+
+ </li>
+
+ <li>
+
+ <p>If the element has a <code
+ title="attr-keygen-challenge">challenge</code> attribute, then let
+ <var title="">challenge</var> be that attribute's value.
+ Otherwise, let <var title="">challenge</var> be the empty
+ string.</p>
+
+ </li>
+
+ <li>
+
+ <p>Let <var title="">algorithm</var> be an ASN.1 <code
+ title="">AlgorithmIdentifier</code> structure as defined by
+ RFC2459, with the <code title="">algorithm</code> field giving the
+ ASN.1 OID used to identify <var title="">signature
+ algorithm</var>, using the OIDs defined in section 7.2 ("Signature
+ Algorithms") of RFC2459, and the <code title="">parameters</code>
+ field set up as required by RFC2459 for <code
+ title="">AlgorithmIdentifier</code> structures for that
+ algorithm. <a href="#refsX690">[X690]</a> <a
+ href="#refsRFC2459">[RFC2459]</a></p>
+
+ </li>
+
+ <li>
+
+ <p>Let <var title="">spki</var> be an ASN.1 <code
+ title="">SubjectPublicKeyInfo</code> structure as defined by
+ RFC2459, with the <code title="">algorithm</code> field set to the
+ <var title="">algorithm</var> structure from the previous step,
+ and the <code title="">subjectPublicKey</code> field set to the
+ BIT STRING value resulting from ASN.1 DER encoding the <var
+ title="">public key</var>. <a href="#refsX690">[X690]</a> <a
+ href="#refsRFC2459">[RFC2459]</a></p>
+
+ </li>
+
+ <li>
+
+ <p>Let <var title="">publicKeyAndChallenge</var> be an ASN.1
+ <code>PublicKeyAndChallenge</code> structure as defined below,
+ with the <code title="">spki</code> field set to the <var
+ title="">spki</var> structure from the previous step, and the
+ <code title="">challenge</code> field set to the string <var
+ title="">challenge</var> obtained earlier. <a
+ href="#refsX690">[X690]</a></p>
+
+ </li>
+
+ <li>
+
+ <p>Let <var title="">signature</var> be the BIT STRING value
+ resulting from ASN.1 DER encoding the signature generated by
+ applying the <var title="">signature algorithm</var> to the byte
+ string obtained by ASN.1 DER encoding the <var
+ title="">publicKeyAndChallenge</var> structure, using <var
+ title="">private key</var> as the signing key. <a
+ href="#refsX690">[X690]</a></p>
+
+ </li>
+
+ <li>
+
+ <p>Let <var title="">signedPublicKeyAndChallenge</var> be an ASN.1
+ <code>SignedPublicKeyAndChallenge</code> structure as defined
+ below, with the <code title="">publicKeyAndChallenge</code> field
+ set to the <var title="">publicKeyAndChallenge</var> structure,
+ the <code title="">signatureAlgorithm</code> field set to the <var
+ title="">algorithm</var> structure, and the <code
+ title="">signature</code> field set to the BIT STRING <var
+ title="">signature</var> from the previous step. <a
+ href="#refsX690">[X690]</a></p>
+
+ </li>
+
+ <li>
+
+ <p>Return the result of base64 encoding the result of ASN.1 DER
+ encoding the <var title="">signedPublicKeyAndChallenge</var>
+ structure. <a href="#refsRFC3548">[RFC3548]</a><!--base64--> <a
+ href="#refsX690">[X690]</a></p>
+
+ </li>
+
+ </ol>
+
+ <p>The data objects used by the above algorithm are defined as
+ follows. These definitions use the same "ASN.1-like" syntax defined
+ by RFC2459. <a href="#refsRFC2459">[RFC2459]</a></p>
+
+ <pre class="asn"><dfn>PublicKeyAndChallenge</dfn> ::= SEQUENCE {
+ spki <span>SubjectPublicKeyInfo</span>,
+ challenge IA5STRING
+}
+
+<dfn>SignedPublicKeyAndChallenge</dfn> ::= SEQUENCE {
+ publicKeyAndChallenge <span>PublicKeyAndChallenge</span>,
+ signatureAlgorithm <span>AlgorithmIdentifier</span>,
+ signature BIT STRING
+}</pre>
+
+ <hr>
+
+ <p><strong>Constraint validation:</strong> The <code>keygen</code>
+ element is <span>barred from constraint validation</span>.</p>
+
+ </div>
+
+ <p>The <code title="attr-fae-form">form</code> attribute is used to
+ explicitly associate the <code>keygen</code> element with its
+ <span>form owner</span>. The <code title="attr-fe-name">name</code>
+ attribute represents the element's name. The <code
+ title="attr-fe-disabled">disabled</code> attribute is used to make
+ the control non-interactive and to prevent its value from being
+ submitted. The <code title="attr-fe-autofocus">autofocus</code>
+ attribute controls focus.</p>
+
+ <dl class="domintro">
+
+ <dt><var title="">keygen</var> . <code title="attr-keygen-type">type</code></dt>
+
+ <dd>
+
+ <p>Returns the string "<code title="">keygen</code>".</p>
+
+ </dd>
+
+ </dl>
+
+ <div class="impl">
+
+ <p>The <dfn
+ title="dom-keygen-challenge"><code>challenge</code></dfn> and <dfn
+ title="dom-keygen-keytype"><code>keytype</code></dfn> DOM attributes
+ must <span>reflect</span> the respective content attributes of the
+ same name.</p>
+
+ <p>The <dfn title="dom-keygen-type"><code>type</code></dfn> DOM
+ attribute must return the value "<code title="">keygen</code>".</p>
+
+ <p>The <code title="dom-cva-willValidate">willValidate</code>, <code
+ title="dom-cva-validity">validity</code>, and <code
+ title="dom-cva-validationMessage">validationMessage</code>
+ attributes, and the <code
+ title="dom-cva-checkValidatity">checkValidity()</code> and <code
+ title="dom-cva-setCustomValidity">setCustomValidity()</code>
+ methods, are part of the <span>constraint validation API</span>. The
+ <code title="dom-lfe-labels">labels</code> attribute provides a list
+ of the element's <code>label</code>s.</p>
+
+ </div>
+
+ <p class="note">This specification does not specify how the private
+ key generated is to be used. It is expected that after receiving the
+ <code>SignedPublicKeyAndChallenge</code> (SPKAC) structure, the
+ server will generate a client certificate and offer it back to the
+ user for download; this certificate, once downloaded and stored in
+ the key store along with the private key, can then be used to
+ authenticate to services that use SSL and certificate
+ authentication.</p>
+
+
+
<h4>The <dfn><code>output</code></dfn> element</h4>
<dl class="element">
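Review bot: step 5 of the value algorithm and the PublicKeyAndChallenge definition place the challenge attribute's value in a field declared "challenge IA5STRING", but nothing says what the user agent does when the attribute holds characters that type cannot represent, and the IDL exposes challenge as an unrestricted DOMString. Suggest stating the handling explicitly so that the user agent signs, and the server verifies, the same DER bytes. Two smaller points in the same hunk: the ASN.1 type is normally spelled IA5String, and the domintro entry uses title="attr-keygen-type" while the definition is title="dom-keygen-type", so that cross-reference will not resolve.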
@@ -37750,7 +38061,7 @@
attribute.</p>
<p>The <span title="concept-form-reset-control">reset
- algorithm</span> for <code>textarea</code> elements is to set the
+ algorithm</span> for <code>output</code> elements is to set the
element's <code>textContent</code> DOM attribute to the value of the
element's <code title="dom-output-defaultValue">defaultValue</code>
DOM attribute (thus replacing the element's child nodes), and then
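Review bot: the "textarea" to "output" correction in the reset algorithm paragraph is a copy-and-paste fix unrelated to the keygen addition; consider landing it as its own revision so the fix can be tracked separately from the new element.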
@@ -67994,7 +68305,8 @@
</dd>
<dt>A start tag whose tag name is one of: "area", "basefont",
- "bgsound", "br", "embed", "img", "input", "spacer", "wbr"</dt>
+ "bgsound", "br", "embed", "img", "input", "keygen", "spacer",
+ "wbr"</dt>
<dd>
<p><span>Reconstruct the active formatting elements</span>, if
@@ -68120,15 +68432,6 @@
</dd>
-<!-- XXX keygen support; don't forget form element pointer!
- Search for 'keygen' elsewhere in the spec when doing this.
-
- <dt>A start tag whose tag name is "keygen"</dt>
- <dd>
- ...
- </dd>
--->
-
<dt>A start tag whose tag name is "textarea"</dt>
<dd>
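Review bot: the removed XXX comment carried the reminder "don't forget form element pointer!", but the only parser change that replaces it is the addition of "keygen" to the start tag list shared with "input" in the previous hunk, where the visible steps show just "Reconstruct the active formatting elements". Since keygen is declared a listed, submittable form-associated element, please confirm that this path associates the new element with the form element pointer, or add the step explicitly.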
@@ -68332,10 +68635,9 @@
"thead", "tr"</dt>
<!--<dt>An end tag whose tag name is one of: "area", "base",
"basefont", "bgsound", "command", "embed", "hr", "iframe", "image",
- "img", "input", "isindex", "link", "meta", "noembed", "noframes",
- "param", "script", "select", "source", "spacer", "style", "table",
- "textarea", "title", "wbr"</dt>--> <!-- add keygen if we add the
- start tag -->
+ "img", "input", "isindex", "keygen", "link", "meta", "noembed",
+ "noframes", "param", "script", "select", "source", "spacer",
+ "style", "table", "textarea", "title", "wbr"</dt>-->
<!--<dt>An end tag whose tag name is "noscript", if the
<span>scripting flag</span> is enabled</dt>-->
<dd>
@@ -70228,13 +70530,13 @@
<code>area</code>, <code>base</code>, <code>basefont</code>,
<code>bgsound</code>, <code>br</code>, <code>col</code>,
<code>embed</code>, <code>frame</code>, <code>hr</code>,
- <code>img</code>, <code>input</code>, <code>link</code>,
- <code>meta</code>, <code>param</code>, <code>spacer</code>, or
- <code>wbr</code> element, then continue on to the next child
- node at this point.</p> <!-- also, i guess: image, isindex,
- and keygen, but we don't list those because we don't consider
- those "elements", more "macros", and thus we should never
- serialize them -->
+ <code>img</code>, <code>input</code>, <code>keygen</code>,
+ <code>link</code>, <code>meta</code>, <code>param</code>,
+ <code>spacer</code>, or <code>wbr</code> element, then
+ continue on to the next child node at this point.</p> <!--
+ also, i guess: image and isindex, but we don't list those
+ because we don't consider those "elements", more "macros", and
+ thus we should never serialize them -->
<p>If <var title="">current node</var> is a <code>pre</code>,
<code>textarea</code>, or <code>listing</code> element, append
@@ -71829,7 +72131,7 @@
<pre class="css">@namespace url(http://www.w3.org/1999/xhtml);
-table, input, select, option, optgroup, button, textarea<!--, keygen --> {
+table, input, select, option, optgroup, button, textarea, keygen {
text-indent: initial;
}</pre>
@@ -72724,6 +73026,19 @@
+ <h4>The <code>keygen</code> element</h4>
+
+ <pre class="css">@namespace url(http://www.w3.org/1999/xhtml);
+
+keygen { binding: <i title="">keygen</i>; }</pre>
+
+ <p>When the <i title="">keygen</i> binding applies to a
+ <code>keygen</code> element, the element is expected to render as an
+ 'inline-block' box containing a user interface to configure the key
+ pair to be generated.</p>
+
+
+
<h3>Frames and framesets</h3>
<p>When an <code>html</code> element's second child element is a
@@ -73842,6 +74157,7 @@
Lachlan Hunt,
Larry Page,
Lars Gunther<!-- Keryx Web -->,
+ Lars Sunberg<!-- surname uncertain -->,
Laura L. Carlson,
Laura Wisewell,
Laurens Holst,
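Review bot: the new acknowledgements entry "Lars Sunberg<!-- surname uncertain -->" adds a name that its own comment flags as unverified; confirm the spelling with the contributor, or hold the entry until it is known, before it reaches the published list.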
@@ -73981,6 +74297,7 @@
Wladimir Palant,
Wolfram Kriesing,
Yi-An Huang,
+ Yngve Nysaeter Pettersen,
Zhenbin Xu,
and
Øistein E. Andersen,