Deprecate <keygen> #67
Comments
<keygen> is not supported by Edge. Chrome and Firefox are in the process of removing it. Appcache is superseded by service workers.
|
Well, I have certainly reviewed the blink-dev thread and equivalent thread from Mozilla before making that change. Coupled with Microsoft not being interested in shipping it, this seems like the only way forward. |
|
Keygen never worked in Microsoft (MS) . They have an ActiveX controller to do the same thing, which we use. It's easy using JS to switch between them. (it makes code more difficult to write, and it would be nice if keygen were improved to the point where it was implemented in MS browsers too). |
|
Let me note that it's pretty odd to commit something to master without first opening an issue on the subject that people of the HTML5 WG can first discuss. |
|
Please be respectful. Abbreviations like "M$" have no place here. And this is also not the HTML WG or has any relationship with it. |
|
Does the WhatWG not have a process of first discussing an issue on its list or in an issue DB and then making commits? The discussions referred to in commit 1b43806 may not be visible to your members. What is the official way to bring up an issue here? |
|
The editor is in charge of making changes within the WHATWG. And typically the editor does so after consulting with the community in some manner. In this case, a PR was supplied: #26. https://groups.google.com/d/msg/mozilla.dev.platform/pAUG2VQ6xfQ/FKX63BwOIwAJ is the discussion by Mozilla by the way. There's at least one more thread somewhere around there. |
|
Closing this issue, since now there is an issue, namely this issue. FWIW, I support deprecating |
|
@foolip you don't leave much time for the public and other interested parties to participate in a debate: 3.5 hours it seems to be precise. Is it so important to remove a feature that has been around for 15 years this quickly? |
|
Nothing was removed. The only thing that happened here is that a warning was added to the specification to point out that browser vendors are trying to figure out whether the feature can be removed. |
|
@Ms2ger It sounds a bit more than a warning to me (after all, it is marked as "critical"). Otherwise, is there any need to make a recommendation to use service workers? If browser vendors / people are trying to figure things out, then wait for actual justification or an appropriate alternate to present itself. As I understand the threads, there only appears to be hypothetical promises. |
|
Fundamentally, this is about making the spec reflect reality. The reality is that keygen is:
This is ample justification for adding a warning, and indeed a critical one, to the spec, to reflect the fact that this feature is going away. Besides, per spec the feature never actually had to work; UAs never had to support any keygen algorithms. |
|
Apple has no intention of supporting WebM, and Microsoft doesn't seem too keen on it either. Should we remove WebM from the spec as well? The reality of keygen is that many people currently use it, and the lack of support from ONE browser should not be seen as a total failure. Microsoft Edge's developer website states their reason for not supporting it is "...significant interoperability issues exist with the DOM interfaces and protocols for this feature."[1] Would it not make more sense to fix these issues and get Microsoft's support rather than throwing it out? [1] https://dev.modern.ie/platform/status/keygenelement/?filter=f3f0000bf&search=keygen |
|
WebM isn't in the spec. |
|
Huh, you're right (well, half right: https://html.spec.whatwg.org/multipage/embedded-content.html#sourcing-in-band-text-tracks:media-resource-6). My bad. My point was that a lack of support from one or more browsers does not mean it should be removed. |
|
@domenic argued:
It was supported in Firefox, Opera, Safari for over 10 years and then Chrome came along and supported it too. With IE there is a JS work around using their Certificate Enrolment API as mentioned at the top of this issue. So all desktop browsers at least have this functionality.
The deprecations there are being pushed through without regard to the arguments held up. One of the arguments was that this is in the standard. As a result this change was surreptitiously made to html5 in order to help win the argument in the browser space. The two arguments are not independent.
They work quite well: we tested them in all the browsers. There is nothing yet equivalent to it. The argument here and the one @timbl put forward in the discussions and now at the Technical Architecture Group of the W3C is that you should first wait to have something to replace |
This is inaccurate. The change was made to the HTML Standard in response to the browser depredations. |
|
I'd like to request that this issue be reopened (edit... Derp because it is late... PULL REQUEST BE RECONSIDERED, because apparently there is already the commit discussed by this thread was already made before an issue was opened and pull request were only opened later)... seems odd it was closed out so quickly. I get there is a pull request related that was also rapidly closed. Seems to require more public input. Should have been an issue, pull request, etc... then merge of some kind after substantial public discussion... That isn't what happened here. So what's going on? |
|
There isn't anything unusual going on here, the way things usually happen is:
We are currently in step 3, where the a warning has been added in the spec but the feature hasn't been deprecated in any browser yet. Until it looks like the tide is turning and the relevant browser developers commit to keeping |
|
Can we at least agree not to abuse the term warning meanwhile marking it with class |
|
@foolip there was not unanimity in the browser discussions about removing it, and the arguments were not coherently made, which should not be surprising as this is a complex topic involving many different groups from JS crypto, UI design, TLS, HTTP and HTTP2.0, Web App Security, certificate design, authentication APIs such as OpenID, OAuth, Mozilla Persona, etc... other standards organisations such as FIDO that tie into hardware and OSes, Web Privacy debates, etc. etc.... As such this is a discussion that requires coordination between a large number of diverse groups, with very different skills, on a topic that is fraught with complex international political agendas ( think Snowden). Hopefully the discussion at the Technial Architecture Group (TAG) will help bring more light to this: https://lists.w3.org/Archives/Public/www-tag/2015Sep/thread.html |
|
Consensus is not part of how WHATWG specs are written. See https://whatwg.org/faq if you are not familiar with the WHATWG process. class="critical" is the class name that is used for anything that represents something we expect to change in the spec. class=note and class=warning represent things where we (currently) expect the spec to not change. Here, since the warning is specifically about the fact that the spec may in fact eventually change, "critical" is the appropriate class name. Note that class names are opaque non-semantic strings and it could be class="bluefish" and have the same meaning. It's just a key into the CSS. (class=warning actually renders a more noticeable message than class=critical.) |
|
We were finally told what the reason for the "security risk" of is meant to be. Since this issue is closed I opened issue 102: & "md5WithRSAEncryption" for that. That debate is more interesting than what the process of the WHATWG is. |
|
Why was this issue closed? |
|
@akuckartz, the stated reason for opening the issue was to have an issue tracking the deprecation commit, so there isn't anything actionable we can do with the issue if open. Please file a new issue if there is a specific spec change you are proposing. |
|
@foolip No, I will raise this outside the WHATWG. |
|
Perhaps the most details logic overview I have yet gone into about the logical security aspect of at multiple layers can be found here now: https://groups.google.com/a/chromium.org/d/msg/blink-dev/pX5NbX0Xack/dn_7RguGAAAJ |
|
There may be an issue with the MD5 weakness in spkac as communicated to me by Prof David Chadwick in a personal e-mail ( I asked him if I could quote him )
I expanded on that in the blink-dev thread Re: beyond MD5 to security logic -- Re: (Pre-)Intent to Deprecate: element and application/x-x509-*-cert MIME handling. But it really comes to show that one should only trust that a signature belongs to a person after that person has proven that they have the private key of a given public key. In TLS authentication this happens automatically. In the described situation the patent office should first have required the person to authenticate with the certificate before accepting the submission. In any case all of this makes a case for improving spkac, not for removing . |
|
Given that there is no standard to replace keygen, what the actual effect of this change is to remove client certificates from the world wide web. Microsoft's lack of support for keygen was irrelevant, as they provided their activex alternative. This is not therefore a justification for the current proposal. Why is there an attempt to ram through the removal of a key security feature from the web? |
|
There is no such attempt, at least not from the WHATWG. You'll notice that the element is still in the spec. The only change that has been made to the spec is to point out that browser vendors desire to stop supporting this feature. That's just a statement of fact. If you want to convince them not to do so, you have to discuss it with them directly. |
|
Who are "browser vendors?". To quote from the commit: "This feature is in the process of being removed from the Web platform. (This Microsoft disagreed with the spec for 15 years and everyone else decided to follow the spec anyway. Suddenly a different vendor disagrees with the spec and everyone scrambles to remove it from the spec? Why the deprecation of client side private keys? What is going on? |
|
Chrome and Mozilla are the vendors who recently indicated their desire to drop it in future versions of their respective products, as I understand it. Actually, the spec post-dates all the implementations. <keygen> was non-standard when Netscape invented it, and the W3C refused to spec it, and it was only when a few years ago I finally decided to find what little documentation there was and put it in the WHATWG spec that there was anything resembling a spec for it. I don't believe any of the implementations post-date the spec. |
Ryan Sleevi, the person who started the blink-dev thread where the discussion is happening and which I think is being used by Firefox as the discussion thread, contributes to Firefox security as well as to Google Chrome's , and was editor of the JS Crypto API. He believes that everything that can be done with keygen can actually be done with the crypto API, and he points to the Fido alliance as the future cure. We have argued that these are not necessarily incompatible with , and that we should wait, but he is in a hurry. It seems to have to be done real soon. Many people have spoken out. Tim Berners Lee brought this up on the Technical Architecture Group this month, and there is discussion on the WebAppsSec group too, eg concerning the relevance of Same Origin Policy As for @Hixie's point that
|
|
I'm new to the Keygen feature, but if I understand it right, it enables a very important use case: link-local secure networking. I would like to see a future where I and other people about me advertise HTTP services, for example "Top 5 albums of the week" or some such. Keygen would let me also advertise/negotiate a self-signed certificate on the HTTP page, that when installed would let me upgrade the viewer to HTTPS. Previously it was a nice to have, but now that getUserMedia works over secure origin only, I consider this (a means to agree to a non browser-blessed-CA certificate) a must have feature. What do you think is an appropriate way to allow a link-local web? Does everyone everywhere wanting to share ambiently with other people need to procure a cert from a centralized, controlled CA? That seems antithetical, a burden to projects like Eddystone which are trying to increase the degrees to which we can form connections with one another, especially over link local. Do you have any other affordances in the pipeline? I don't know how else to interpret this deprecation as anything but pushing us from a place where users can connect with each other, to a scary, centralized web. I'm not a fan of this spec, but based on this one use case, it seems vital to peer to peer scenarios, it has a rough concensus of running code, it's technical nits that Microsoft object to can be remedied, and it has no replacements lined up. I'd like this PR reverted, and a genuine discussion on what should happen to occur if the existing feature was found inadequate/undesirable to implement. Chrome issue on getUserMedia() being unusable over link-local, http://code.google.com/p/chromium/issues/detail?id=531675&thanks=531675&ts=1442264648 |
|
Peter Bowen kindly corrected my false understanding of Keygen. Keygen was never an aid for the server to assert authorization in a link-local scenario. Apologies, please disregard above. |
|
Do not feel to guilty - over the years many people have used keygen in odd experiments as a way to create public/private key pairs - to then trigger some (self signed) scenario. |
|
If <keygen> dies, is there anything that replaces what it does? Making the browser generate a private-key, sending off a signing request, storing the key securely? What if you could do this using Javascript, but forcing the browser to popup one of those messages first. Just like the geolocation api and "This page wants to know your location", we could have a "This page wants to generate a private certificate in your browser.". |
|
The W3C TAG have a report entitled "Keygen and Client Certificates" edited by |
|
TY @bblfish |
|
Is anyone else able to confirm that the latest (stable) build of Chrome has indeed disabled the KEYGEN element? |
This fixes a regression introduced (apparently on purpose, without understanding the implications) in cf0355d. Now, realms and environment settings objects are properly 1:1 with Window objects. See some discussion in #67 and in #322 (comment).
This fixes a regression introduced (apparently on purpose, without understanding the implications) in cf0355d. Now, realms and environment settings objects are properly 1:1 with Window objects. See some discussion in #67 and in #322 (comment). Drive-by fix: it's actually ParseScript that depends on the realm, not ScriptEvaluation.
This fixes a regression introduced (apparently on purpose, without understanding the implications) in cf0355d. Now, realms and environment settings objects are properly 1:1 with Window objects. See some discussion in #67 and in #322 (comment). Drive-by fix: it's actually ParseScript that depends on the realm, not ScriptEvaluation.
|
The current stable version of Chrome indeed seems to have disabled keygen. We noticed this by our certificate form breaking for Chrome users, which is the first I've heard of any of this. |
|
On 08 Apr 2016, at 09:45, Per Johansson [email protected] wrote:
Which version - we are looking into recent bug-reports at two of our Medical (public service) customers which seem to say this too - but are absolutely unable to reproduce it (up to and including 48.0.2564.103). Dw. |
|
I'm going to lock this thread since it's receiving a bunch of off-topic conversation not relevant to the HTML Standard. Please use |
The following
commit 1b438067d84da2ee95988842cdd8fe2655444936 named "deprecate <keygen> and appcache" has not be registered as an issue, meaning it may not be visible to people who should care about it, and the discussion may get lost later on, so I am posting this in the issues database.
The text was updated successfully, but these errors were encountered: