Newsgroups: php.internals Path: news.php.net Xref: news.php.net php.internals:48335 Return-Path: Mailing-List: contact internals-help@lists.php.net; run by ezmlm Delivered-To: mailing list internals@lists.php.net Received: (qmail 61839 invoked from network); 19 May 2010 00:14:18 -0000 Received: from unknown (HELO lists.php.net) (127.0.0.1) by localhost with SMTP; 19 May 2010 00:14:18 -0000 Authentication-Results: pb1.pair.com header.from=sriram.natarajan@gmail.com; sender-id=pass; domainkeys=bad Authentication-Results: pb1.pair.com smtp.mail=sriram.natarajan@gmail.com; spf=pass; sender-id=pass Received-SPF: pass (pb1.pair.com: domain gmail.com designates 74.125.83.170 as permitted sender) DomainKey-Status: bad X-DomainKeys: Ecelerity dk_validate implementing draft-delany-domainkeys-base-01 X-PHP-List-Original-Sender: sriram.natarajan@gmail.com X-Host-Fingerprint: 74.125.83.170 mail-pv0-f170.google.com Received: from [74.125.83.170] ([74.125.83.170:55726] helo=mail-pv0-f170.google.com) by pb1.pair.com (ecelerity 2.1.1.9-wez r(12769M)) with ESMTP id CA/06-27340-85D23FB4 for ; Tue, 18 May 2010 20:14:17 -0400 Received: by pvh1 with SMTP id 1so1167984pvh.29 for ; Tue, 18 May 2010 17:14:13 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:cc:content-type; bh=cs52LNZznlWQyP2bYc1OFmXTKhpQccYWCZ5tZyL47Sk=; b=xLVvEwGyE+MM4AfVSbtOEkDrtctibXxZq1crcJyoWe7vVQscnvVTszWX+hqb436RPV 29njEmwEH/wx2j3XtYNn03brF/FnXShZoo33QNuQJhkgwK/hIKpFkF9QbqNqPYakVrb8 2S2dbJt8p9m71fhQftlAEmUfKmwKk8JzFtQ0s= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=LARhRseZQ/S3F4ALmvuLsNj42Fdp/MId0fnoV5Qk6eGsaYzx1hi50hAm2DU680ulxW bsrAJTN5axlqiRCLwdzOp3MjTKgSsDGrvz+0cHnNJcVTbTc34w2RqmuRUgAPzOsCwakY BIe3CmFoIGNmKrhIFosqd1jlYa9OMjmA5kEV0= MIME-Version: 1.0 Received: by 10.140.56.18 with SMTP id e18mr5652518rva.167.1274228052909; Tue, 18 May 2010 17:14:12 -0700 (PDT) Received: by 10.140.172.19 with HTTP; Tue, 18 May 2010 17:14:12 -0700 (PDT) In-Reply-To: References: Date: Tue, 18 May 2010 17:14:12 -0700 Message-ID: To: Nathan Rixham Cc: internals@lists.php.net Content-Type: text/plain; charset=ISO-8859-1 Subject: Re: [PHP-DEV] SPKAC support for openssl in PHP From: sriram.natarajan@gmail.com (Sriram Natarajan) I am curious as to why you need this feature within PHP. I would expect that web server administrators typically need such feature but I am missing the context of it within PHP script engine. - Sriram On Tue, May 18, 2010 at 2:05 AM, Nathan Rixham wrote: > Hi All, > > Wondering if there is any support for SPKAC [1] in the openssl extension for > PHP? > > If not is it planned, and if not can it be? KEYGEN/SPKAC support is growing > in the UA vendors and KEYGEN is part of HTML5, being the preferred way to > generate client side SSL certificates since the private key never leaves the > browser. Further the need for client side certificate generation will be > growing somewhat over the next couple of years thanks to FOAF+SSL - which I > believe is about to start going through standardisation. > > At the minute we have to take a rather hacky approach in PHP [2] and it > get's much worse if you want to use x509 v3 extensions, you have to go > through a nasty process of using a bash script to gen a custom openssl.conf > on the fly to use in the SPKAC request. > > Best, > > Nathan > > [1] http://en.wikipedia.org/wiki/Spkac > [2] > http://lists.whatwg.org/pipermail/whatwg-whatwg.org/attachments/20080714/07ea5534/attachment.txt > > -- > PHP Internals - PHP Runtime Development Mailing List > To unsubscribe, visit: http://www.php.net/unsub.php > >