<keygen> has been removed in Chrome since version 56 in Jan 2017 and never was implemented in Internet Explorer or Edge. The element has also been removed from the HTML specification: https://github.com/w3c/html/issues/43 Firefox's implementation never matched the specification completely as the parser changed the elements into a select with some hacks to make it work: https://bugzilla.mozilla.org/show_bug.cgi?id=101019
The element didn't have clear usage numbers and also the user experience wasn't clear at all (The firefox implementation was a select box with "high grade" and "medium grade" options). It also poses a privacy risk as another fingerprint vector. Most of the use cases are resolved by web crypto or u2f. With code that was unmaintained for many years in Firefox it poses a unique risk into nss and also including a DoS vector against the parent process. The removal implementation is to change the parser to behave similar to other void elements but also behave like HTMLUnknownElement. The appropriate web platform tests that were put in place by Chrome developers are now conforming to their implementation. Keygen will be removed from Firefox 69. Bug: https://bugzilla.mozilla.org/show_bug.cgi?id=1315460 Note: This is a post-hoc unship notice, this wasn't intentional I thought I had already filed when I worked on this initially. Thanks Jonathan _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
