Introducing the usage and attributes of the new form element keygen tag in htm5. This article mainly introduces the definition, usage and description of the attributes of the html5 keygen tag, as well as the advantages and disadvantages of the html5 keygen tag
html5 The definition and usage of the keygen tag:
The tag specifies the key pair generator field used for the form.
When the form is submitted, the private key is stored locally and the public key is sent to the server.
HTML5 Tag instance:
Form with keygen field:
<form action="demo_keygen.asp" method="get">
Username: <input type="text" name="usr_name" />
Encryption: <keygen name="security" />
<input type="submit" />
</form>
Copy after login
html5 Attributes of keygen tag:
html5 Introduction to the advantages and disadvantages of the keygen tag:
First of all, the tag will generate a public key and private key. The private key will be stored locally, and the public key will be sent to the server. So what are the public/private keys generated by the tag used for? When many friends see the public key/private key, they will probably think of asymmetric encryption. Yes, the tag plays the same role here. The
tag expects that after receiving the SPKAC (SignedPublicKeyAndChallenge) arrangement, the server will generate a client certificate (Client Certificate), and then return to the browser for the user to download and save it locally. After that, when the user needs verification, he uses the locally stored private key and certificate to go to the server for verification through the TLS/SSL secure transmission protocol.
The following are the advantages of using the tag:
- ##One is that it can improve the security during verification;
- At the same time, if it is used as a client certificate, it can improve the defense against MITM attacks;
- The keygen tag is implemented across browsers and is very easy to implement. Easy;
- In addition, you don’t need to consider the administrator rights of the operating system. For example, the operating system sets different browser permissions for different users. IE or other browsers can disable key generation in the settings. In this case, you can use the keygen tag to generate and use error-free client certificates.
There are many shortcomings of tags: (such as the following ten)
- Certificate (Certificates) is not easy and convenient in different systems (but for some systems, this is another advantage).
- There is no standard location for storing private keys.
- It is always confusing and difficult to understand when seeing the content generated by the tag on an HTML page. The
- tag allows the user to select the appropriate key from a list, but most users don't know how to choose.
- Many users don’t know whether they should follow the prompts to download the certificate (Certificate).
- The tag does not provide a mechanism for managing certificate expiration.
- There is no standard key length or hash to achieve browser independence.
- Algorithms (RSA, DSA, ECC, etc.) are not supported.
- The key size selection can only come from the form content generated by the tag, and is not something the user can choose.
- The signature can only be based on MD5 and cannot use other encryption algorithms.
Browser support
All major browsers support the
tag, except Internet Explorer and Safari. 【Related recommendations】
Do you know the specific usage of the html tag legend? Detailed explanation of the attributes and usage of the legend tag
html What is the map tag? Detailed explanation of the structure and specific usage of the html map tag
The above is the detailed content of Introduction to the usage and attributes of the keygen tag, a new form element in htm5. For more information, please follow other related articles on the PHP Chinese website!