RE: [sysapps/raw socket api]: List of changes to be done based on Madrid session 2013-04-09 from Nilsson, Claes1 on 2013-04-15 (public-sysapps@w3.org from April 2013)

From: Nilsson, Claes1 <Claes1.Nilsson@sonymobile.com>
Date: Mon, 15 Apr 2013 13:21:05 +0200
To: 'Jonas Sicking' <jonas@sicking.cc>
CC: Ke-Fong Lin <ke-fong.lin@4d.com>, "public-sysapps@w3.org" <public-sysapps@w3.org>, "Isberg, Anders" <Anders.Isberg@sonymobile.com>, "Edenbrandt, Anders" <Anders.Edenbrandt@sonymobile.com>, "Isaksson, Björn" <Bjorn.Isaksson@sonymobile.com>, "Falk, Mattias" <Mattias.Falk@sonymobile.com>
Message-ID: <6DFA1B20D858A14488A66D6EEDF26AA3010F4E5ACC8C@seldmbx03.corpusers.net>

Thanks Jonas,

See inline below.

Best regards
  Claes

> -----Original Message-----
> From: Jonas Sicking [mailto:jonas@sicking.cc]
> Sent: den 12 april 2013 18:11
> To: Nilsson, Claes1
> Cc: Ke-Fong Lin; public-sysapps@w3.org; Isberg, Anders; Edenbrandt,
> Anders; Isaksson, Björn; Falk, Mattias
> Subject: Re: [sysapps/raw socket api]: List of changes to be done based
> on Madrid session 2013-04-09
> 
> On Thu, Apr 11, 2013 at 10:42 AM, Nilsson, Claes1
> <Claes1.Nilsson@sonymobile.com> wrote:
> > Thanks Ke-Fong,
> >
> > See inline below.
> >
> > Claes
> >
> >> -----Original Message-----
> >> From: Ke-Fong Lin [mailto:ke-fong.lin@4d.com]
> >> Sent: den 10 april 2013 21:04
> >> To: Nilsson, Claes1; public-sysapps@w3.org
> >> Cc: Isberg, Anders; Edenbrandt, Anders; Isaksson, Björn; Falk,
> >> Mattias
> >> Subject: RE : [sysapps/raw socket api]: List of changes to be done
> >> based on Madrid session 2013-04-09
> >>
> >> Hi Claes,
> >>
> >> Just a few comments:
> >>
> >> >o   Add method upgradeToSSL() and event when done
> >> >(Claes comment: TLS could be used so maybe we should call the
> method
> >> upgradeToSecureTransport()? In addition, do we need this for UDP as
> >> well?)
> >>
> >> Yes, that's probably better naming.
> >> You'll have to add constructors with provision for certificate of
> >> server to connect to.
> > [Claes] Yes, setting up a secure transport channel is more
> complicated. Compare for example with
> http://docs.oracle.com/javase/6/docs/api/javax/net/ssl/SSLSocket.html.
> We have to consider what we need for web system apps. Do you have a
> tangible proposal for how this would look like in our API?
> 
> We should definitely enable a way to use whatever certificates are
> installed on the system. I.e. we should make it possible in the API to
> not provide any certificates and just use the system ones. I expect all
> runtimes to support https which means that they all have a default
> store of certificates.
> 
> I personally don't know of any use cases which require supporting
> supplying a certificate when setting a connection, but I suspect such
> use cases exist.
[Claes] I agree that it seems to be the most likely use case to use the default certificates and we should make the API as easy as possible for this common use case. Then we should also see if we need to fulfill more complicated use cases. 4D and we will look into this when the other specification updates that was agreed on the meeting have been done.  
> 
> / Jonas

Received on Monday, 15 April 2013 11:21:37 UTC