W3C home > Mailing lists > Public > public-webcrypto@w3.org > April 2016

Secure context requirement?

From: Charles Engelke <w3c@engelke.com>
Date: Fri, 22 Apr 2016 14:39:25 -0400
Message-ID: <CAFeVzdy=XUa0=M6mBTr3FZwjvFsOJpqLwEn_u_xGx14w2Wxe+w@mail.gmail.com>
To: public-webcrypto@w3.org
I know that the intention is to require a secure context for using the
Web Cryptography API, and browsers currently do that, but is that
written into the spec? I couldn't find it (but maybe I was looking for
the wrong wording).

I'm writing tests for key generation, and right now I'm just checking
for a secure context and skipping all the tests if I'm not in one. But
perhaps I should explicitly check that the API won't run in such a
context. If so, is there a rule for what kind of exception should be
thrown by the browser?

Received on Friday, 22 April 2016 18:39:53 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 19:03:04 UTC