SPKAC

SPKAC is an acronym that stands for Signed Public Key and Challenge, also known as Netscape SPKI.

It is a format for sending a Certification Signing Request: it encodes a public key, that can be manipulated using openssl.[1] It is created using the little documented HTML keygen element[2] inside a number of Netscape compatible browsers.

Implementations

HTML5 has now specified the keygen element,[3] and has more info on SPKAC.[4] This can be very useful for making it easy to create client side certificates through a web service for protocols such as WebID.[5]

Bouncy Castle provides a Java class.[6][7]

An implementation for Erlang/OTP exists too.[8]

An implementation for Python is named pyspkac.[9]

PHP OpenSSL extension as of version 5.6.0.[10]

node.js implementation.[11]

Deficiencies

The user interface needs to be improved in browsers, to make it more obvious to users when a server is asking for the client certificate.[12]

References

  1. "Documents, spkac(1)". OpenSSL. Retrieved 2013-10-13.
  2. "Html | Mdn". Developer.mozilla.org. 2013-08-15. Retrieved 2013-10-13.
  3. "HTML 5.1 Nightly". Dev.w3.org. 2004-02-05. Retrieved 2013-10-13.
  4. "HTML 5.1 Nightly". Dev.w3.org. 2004-02-05. Retrieved 2013-10-13.
  5. "WebID: creating a global decentralised authentication protocol". W3.org. Retrieved 2013-10-13.
  6. "Bouncy Castle Java Documentation". Retrieved 2013-12-06.
  7. "foaf-protocols] spkac test implementation in Java". Lists.foaf-project.org. Retrieved 2013-10-13.
  8. "ztmr/espkac @ GitHub". Github.com. Retrieved 2013-10-13.
  9. "pyspkac". Github.com. Retrieved 2013-12-06.
  10. "php 5.6.0 OpenSSL Native SPKAC support".
  11. "node.js spki support".
  12. "User tracking with SSL certificates in Firefox - The H Security: News and Features". Heise-online.co.uk. 2007-09-19. Archived from the original on 2008-09-19. Retrieved 2013-10-13.

External links

This article is issued from Wikipedia - version of the Monday, November 02, 2015. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.