Michael Ströder wrote, On 2008-12-28 04:38 PST: > Nelson B Bolyard wrote: >> I also think we need a page or two on developer.mozilla.org that fully >> documents both the <keygen> tag and the crypto.generateCRMFRequest method. > > +1 > >> The existing documentation is very incomplete. The <keygen> tag, for >> example, accepts many more arguments than are now publicly documented.
Let me start by saying that there are very few documents known to me that are authoritative documentation of the keygen tag, and all are essentially archival copies of documentation developed at Netscape in a prior millennium. They are: http://devedge-temp.mozilla.org/library/manuals/1998/htmlguide/tags10.html#1615503 which is now 11 years old, and http://docs.sun.com/source/816-5535-10/index.html#DSA (6 years old) and https://developer.mozilla.org/En/HTML/HTML_Extensions/KEYGEN_Tag which seems to be the most complete, but is still not complete. > Which arguments are that? Now, here's what's not documented. 1. The attribute name "keyparams" is a synonym for the attribute name "pqg". Either name may be used for that attribute. 2. There are 3 recognized values for the "keytype" attribute. They are "rsa", "dsa" and "ec". 3. When the keytype is "ec", the EC curve used in the generated key is selected by the value of the optional keyparams attribute, if - it is present and - it is one of the strings found in the table at http://bonsai.mozilla.org/cvsblame.cgi?file=mozilla/security/manager/ssl/src/nsKeygenHandler.cpp&rev=1.49&mark=179-256#177 - and the indicated curve is supported in that browser. Otherwise, it is chosen by the user's choice from the key size choice box according to the following table Key Size Curve -------- ------------- High secp384r1 Medium secp256r1 Low secp256r1 The documentation for crypto.generateCRMFRequest is found at https://developer.mozilla.org/en/JavaScript_crypto/generateCRMFRequest but it is also incomplete. The EC key generation documentation is missing. _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto