31

There's a new* keygen element in the HTML5 spec. It's supported in major browsers excepting Internet Explorer and Safari.

Here's what it looks like:

<form action="processkey.cgi" method="post" enctype="multipart/form-data">
 <p><keygen name="key"></p>
 <p><input type=submit value="Submit key..."></p>
</form>


The current implementations only support RSA as the keytype attribute.

Now my question: what useful things can I do with it? What's it for?

*: not really

Hendrik Brummermann
Stefano Palazzo

3 Answers

9

The obvious usage is client authentication. It can be used to improve security in combination with a passphrase or smartcard, or to be a convenient replacement for entering a password.

The WebID single sign-on protocol is an interesting proposal in this context.

The main issue with client certificates is that they are bound to the browser. So if you are on another computer, you don't have access to them unless you took precautions.

Hendrik Brummermann
4

I think it could be used to mitigate session hijacking. A server could authenticate a client and then prior to taking input from a client the server could perform a check on the client. The spec also allows you to generate a public key and challenge. Prior to submitting important information in a form, it would be nice to be able to reauthenticate the server.

this.josh
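The public key and challenge mentioned above reach the form handler as a SignedPublicKeyAndChallenge (SPKAC) blob. The following is an added example, not part of any answer in this thread: it uses the OpenSSL `spkac` command to stand in for the browser and then performs the server-side check. It assumes `openssl` is on the PATH; the function names, key path and challenge values are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: what a handler such as processkey.cgi can check on a
# <keygen challenge="..."> submission. All names and values are constructed.

# Stand-in for the browser: generate an RSA key pair and emit the signed
# SPKAC that embeds the server-issued challenge. Prints the base64 blob.
make_spkac() {   # $1 = challenge, $2 = path for the private key
    openssl genrsa -out "$2" 2048 2>/dev/null || return 1
    openssl spkac -key "$2" -challenge "$1" 2>/dev/null | sed -n 's/^SPKAC=//p'
}

# Server side: verify the SPKAC self-signature (proof that the sender holds
# the private key) and print the challenge string embedded in it.
spkac_challenge() {   # $1 = base64 SPKAC as received from the form
    local tmp out
    tmp=$(mktemp) || return 1
    printf 'SPKAC=%s\n' "$1" > "$tmp"
    out=$(openssl spkac -in "$tmp" -verify 2>&1) || out=""
    rm -f "$tmp"
    printf '%s\n' "$out" | grep -q 'Signature OK' || return 1
    printf '%s\n' "$out" | sed -n 's/^ *Challenge String: //p'
}

# Accept the key only if the signature verifies AND the embedded challenge
# equals the nonce the server issued for this form, so that a previously
# captured SPKAC cannot be replayed.
accept_key() {   # $1 = base64 SPKAC, $2 = challenge the server issued
    local got
    got=$(spkac_challenge "$1") || return 1
    [ "$got" = "$2" ]
}
```

Issue a fresh random challenge per form and call `accept_key` with the submitted blob before signing a certificate for, or storing, the public key.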
3

The purpose of the element is to provide a secure way to authenticate users. The tag specifies a key-pair generator field in a form. More can be found here: http://www.w3schools.com/html/html5_form_elements.asp

pussolini