On Jul 3, 2015 10:59 PM, "Bernard Aboba" <Bernard.Aboba@microsoft.com> wrote: > A. Can only the keygenAlgorithm be set? What about other aspects like key length or hash algorithm? The answer is yes to length and partially to hash. You need to know the length to generate a key: WebCrypto makes that a mandatory parameter. For hash, WebCrypto bakes the hash algorithm into the RSA key generation parameters, but not EC for some reason. An early proposal had an extra parameter for selecting the hash algorithm, but discussion with Ryan led to the current form, where the browser chooses. As a practical matter, that means if you have a decode that chokes on SHA-256, you will be sad. > B. Is it possible to add other attributes to the RTCCertificate interface, such as the fingerprint? Yes. The current form is purposefully minimal. It's easier to add things than remove them in my experience. If we have enthusiasm for a fingerprint attribute, I'm not opposed to adding one.
Received on Saturday, 4 July 2015 19:30:33 UTC