- From: Kit Cambridge <notifications@github.com>
- Date: Sun, 13 Sep 2015 21:18:51 -0700
- To: w3c/push-api <push-api@noreply.github.com>
- Message-ID: <w3c/push-api/pull/130/r39360510@github.com>
> + <li>Let <var>map</var> be an empty map. > + </li> > + <li>Add an entry to <var>map</var> whose key name is <code>endpoint</code> and whose value > + is the result of converting the <code>endpoint</code> attribute of the > + <a><code>PushSubscription</code></a> to a serialized value. > + </li> > + <li>Let <var>keys</var> be an empty map. > + </li> > + <li>For each identifier <var>i</var> corresponding to keys in internal slots on the > + <a><code>PushSubscription</code></a>, ordered by the name of the key: > + <ol> > + <li>Let <var>b</var> by the encoded value of the public key corresponding to the key > + name <var>i</var>, using the encoding defined for the key name (see <code><a data-lt= > + "PushSubscription.getKey">getKey</a></code>). > + </li> > + <li>Let <var>s</var> be the URL-safe base64 encoding of <var>b</var> as a @martinthomson IIRC, you were considering constant-time hex encoding to mitigate side-channel attacks. Is that a concern with Base64 encoding? --- Reply to this email directly or view it on GitHub: https://github.com/w3c/push-api/pull/130/files#r39360510
Received on Monday, 14 September 2015 04:19:39 UTC