SPKAC

SPKAC is an acronym that stands for Signed Public Key and Challenge, also known as Netscape SPKI.

It is a format for sending a Certification Signing Request: it encodes a public key, that can be manipulated using openssl.^[1] It is created using the little documented HTML keygen element^[2] inside a number of Netscape compatible browsers.

Implementations

HTML5 has now specified the keygen element,^[3] and has more info on SPKAC.^[4] This can be very useful for making it easy to create client side certificates through a web service for protocols such as WebID.^[5]

Bouncy Castle provides a Java class.^[6]^[7]

An implementation for Erlang/OTP exists too.^[8]

An implementation for Python is named pyspkac.^[9]

PHP OpenSSL extension as of version 5.6.0.^[10]

Deficiencies

The user interface needs to be improved in browsers, to make it more obvious to users when a server is asking for the client certificate.^[11]

References

^ "Documents, spkac(1)". OpenSSL. Retrieved 2013-10-13.
^ "Html | Mdn". Developer.mozilla.org. 2013-08-15. Retrieved 2013-10-13.
^ "HTML 5.1 Nightly". Dev.w3.org. 2004-02-05. Retrieved 2013-10-13.
^ "HTML 5.1 Nightly". Dev.w3.org. 2004-02-05. Retrieved 2013-10-13.
^ "WebID: creating a global decentralised authentication protocol". W3.org. Retrieved 2013-10-13.
^ "Bouncy Castle Java Documentation". Retrieved 2013-12-06.
^ "foaf-protocols] spkac test implementation in Java". Lists.foaf-project.org. Retrieved 2013-10-13.
^ "ztmr/espkac @ GitHub". Github.com. Retrieved 2013-10-13.
^ "pyspkac". Github.com. Retrieved 2013-12-06.
^ "php 5.6.0 OpenSSL Native SPKAC support".
^ "User tracking with SSL certificates in Firefox - The H Security: News and Features". Heise-online.co.uk. 2007-09-19. Archived from the original on 2008-09-19. Retrieved 2013-10-13. {{cite web}}: Unknown parameter |deadurl= ignored (|url-status= suggested) (help)

External links

This cryptography-related article is a stub. You can help Wikipedia by expanding it.

[1] "Documents, spkac(1)". OpenSSL. Retrieved 2013-10-13.

[2] "Html | Mdn". Developer.mozilla.org. 2013-08-15. Retrieved 2013-10-13.

[3] "HTML 5.1 Nightly". Dev.w3.org. 2004-02-05. Retrieved 2013-10-13.

[4] "HTML 5.1 Nightly". Dev.w3.org. 2004-02-05. Retrieved 2013-10-13.

[5] "WebID: creating a global decentralised authentication protocol". W3.org. Retrieved 2013-10-13.

[6] "Bouncy Castle Java Documentation". Retrieved 2013-12-06.

[7] "foaf-protocols] spkac test implementation in Java". Lists.foaf-project.org. Retrieved 2013-10-13.

[8] "ztmr/espkac @ GitHub". Github.com. Retrieved 2013-10-13.

[9] "pyspkac". Github.com. Retrieved 2013-12-06.

[10] "php 5.6.0 OpenSSL Native SPKAC support".

[11] "User tracking with SSL certificates in Firefox - The H Security: News and Features". Heise-online.co.uk. 2007-09-19. Archived from the original on 2008-09-19. Retrieved 2013-10-13. {{cite web}}: Unknown parameter |deadurl= ignored (|url-status= suggested) (help)

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

[10]

[11]