Re: [webrtc-pc] RTCCertificate Interface should (or should not) be backed up. from Bernard Aboba via GitHub on 2018-02-22 (public-webrtc-logs@w3.org from February 2018)

From: Bernard Aboba via GitHub <sysbot+gh@w3.org>
Date: Thu, 22 Feb 2018 23:16:41 +0000
To: public-webrtc-logs@w3.org
Message-ID: <issue_comment.created-367855903-1519341400-sysbot+gh@w3.org>

@steely-glint Here is my take on the intended behavior. The specification says that the RTCCertificate represents a handle to both the X.509 certificate and the private key. That would seem to imply that when the RTCCertificate is stored and retrieved, that always includes both elements, regardless of whether the private key is stored in a secure module. The format for storage/retrieval isn't specified, but any format that can represent both the certificate and private key (e.g. PKCS12, PEM, etc.) would suffice. The storage is "persistent" across reboots, but while there is an internal slot for the private key, it cannot be retrieved in JS. 

Does this make sense?

-- 
GitHub Notification of comment by aboba
Please view or discuss this issue at https://github.com/w3c/webrtc-pc/issues/1694#issuecomment-367855903 using your GitHub account

Received on Thursday, 22 February 2018 23:16:49 UTC