To install click the Add extension button. That's it.

The source code for the WIKI 2 extension is being checked by specialists of the Mozilla Foundation, Google, and Apple. You could also do it yourself at any point in time.

4,5
Kelly Slayton
Congratulations on this excellent venture… what a great idea!
Alexander Grigorievskiy
I use WIKI 2 every day and almost forgot how the original Wikipedia looks like.
Live Statistics
English Articles
Improved in 24 Hours
Added in 24 Hours
What we do. Every page goes through several hundred of perfecting techniques; in live mode. Quite the same Wikipedia. Just better.
.
Leo
Newton
Brights
Milds

From Wikipedia, the free encyclopedia

SPKAC is an acronym that stands for Signed Public Key and Challenge, also known as Netscape SPKI.

It is a format for sending a Certification Signing Request: it encodes a public key, that can be manipulated using OpenSSL.[1] It is created using the little documented HTML keygen element[2] inside a number of Netscape compatible browsers.

Standardisation

There exists an ongoing effort to standardise SPKAC through an Internet Draft in the Internet Engineering Task Force (IETF). The purpose of this work has been to formally define what has existed prior as a de facto standard, and to address security deficiencies, particular with respect to historic insecure use of MD5 that has since been declared unsafe for use with digital signatures as per RFC 6151.[3]

Implementations

HTML5 originally specified the <keygen> element to support SPKAC in the browser to make it easier to create client side certificates through a web service for protocols such as WebID;[4][5] however, subsequent work for HTML 5.1 placed the keygen element "at-risk", and the first public working draft of HTML 5.2 removes the keygen element entirely.[6][7][8] The removal of the keygen element is due to non-interoperability and non-conformity from a standards perspective in addition to security concerns.[9]

The World Wide Web Consortium (W3C) Web Authentication Working Group developed the WebAuthn (Web Authentication) API to replace the keygen element.[10]

Bouncy Castle provides a Java class.[11][12]

An implementation for Erlang/OTP exists too.[13]

An implementation for Python is named pyspkac.[14]

PHP OpenSSL extension as of version 5.6.0.[15]

node.js implementation.[16]

Deficiencies

The user interface needs to be improved in browsers, to make it more obvious to users when a server is asking for the client certificate.[17]

References

  1. ^ "Documents, spkac(1)". OpenSSL. Retrieved 5 April 2017.
  2. ^ "Html | Mdn". Developer.mozilla.org. 15 August 2013. Retrieved 13 October 2013.
  3. ^ "RFC 6151 – Updated Security Considerations for the MD5 Message-Digest and the HMAC-MD5 Algorithms". Internet Engineering Task Force. March 2011. Retrieved 11 November 2013.
  4. ^ "HTML5 W3C Recommendation 28 October 2014. 4.10.12 The keygen element". W3C. 28 October 2014. Retrieved 17 October 2016.
  5. ^ "WebID: creating a global decentralised authentication protocol". W3C. Retrieved 13 October 2013.
  6. ^ Nevile, Chaals (3 June 2016). "Re: Call for Consensus - Remove <keygen> from HTML". W3C HTML Working Group (Mailing list). Retrieved 17 October 2016.
  7. ^ "HTML5.1: CR 21 June 2016. Status of this document". W3C. 21 June 2016. Retrieved 17 October 2016.
  8. ^ "HTML 5.2: First Public WD. Changes from HTML 5.1". W3C. 18 August 2016. Retrieved 17 October 2016.
  9. ^ W3C Technical Architecture Group (30 November 2015). "Keygen and Client Certificates". W3C. Retrieved 17 October 2016.
  10. ^ Halpin, Harry; Appelquist, Daniel; Mill, Eric; Gmür, Reto (31 May 2016). "Re: removing keygen from HTML". W3C WWW Technical Architecture Group (Mailing list). Retrieved 17 October 2016.
  11. ^ "Bouncy Castle Java Documentation". Retrieved 6 December 2013.
  12. ^ "foaf-protocols] spkac test implementation in Java". Lists.foaf-project.org. Retrieved 13 October 2013.
  13. ^ "ztmr/espkac @ GitHub". Github.com. Retrieved 13 October 2013.
  14. ^ "pyspkac". Github.com. Retrieved 6 December 2013.
  15. ^ "php 5.6.0 OpenSSL Native SPKAC support".
  16. ^ "node.js spki support".
  17. ^ "User tracking with SSL certificates in Firefox - The H Security: News and Features". Heise-online.co.uk. 19 September 2007. Archived from the original on 19 September 2008. Retrieved 13 October 2013.

External links

This page was last edited on 16 October 2021, at 06:58
Basis of this page is in Wikipedia. Text is available under the CC BY-SA 3.0 Unported License. Non-text media are available under their specified licenses. Wikipedia® is a registered trademark of the Wikimedia Foundation, Inc. WIKI 2 is an independent company and has no affiliation with Wikimedia Foundation.