- From: ShijunS <notifications@github.com>
- Date: Mon, 24 Nov 2014 10:16:53 -0800
- To: w3c/push-api <push-api@noreply.github.com>
Received on Monday, 24 November 2014 18:17:27 UTC
The following is what I learned from the IETF session. * The UA is expected to manage the private key of the key pair and handle the decryption task rather than leaving that to the webapp or its SW. * Otherwise, the webapp or its SW need to access the IndexedDB, and which in turn potentially leads to more operations. * What the webapp does is to pass the public key to the webapp server. If my understanding above is correct, we have another question. WebCrypto might not provide the functionality for this. The key pair in this case will be from and managed by the UA or the underlying system, which is not available from WebCrypto. It seems to me the intention here is to define a new encryption behavior. Of course, WebCrypto can always be a good reference in terms of algorithms and logics. --- Reply to this email directly or view it on GitHub: https://github.com/w3c/push-api/pull/89#issuecomment-64237912
Received on Monday, 24 November 2014 18:17:27 UTC