W3C home > Mailing lists > Public > public-webrtc-logs@w3.org > May 2018

Re: [webrtc-pc] Allow to import existing certificate

From: Ariel Tubaltsev via GitHub <sysbot+gh@w3.org>
Date: Tue, 01 May 2018 16:29:14 +0000
To: public-webrtc-logs@w3.org
Message-ID: <issue_comment.created-385716115-1525192153-sysbot+gh@w3.org>
@aboba Certificate chaining is asking for itself, but I'd limit the scope of this proposal only to the import of the certificate (BYW, if I wasn't clear, the certificate should include private key), both from the holistic implementation point of view, product point of view - to see if there will be an ask for chaining, and also some conceptual stuff, that I hardly can reason about right now - should be there an authority in P2P communication?

@martinthomson In my mind, importing certificate means importing private key as well.
I can confirm that generated RTCCertificate can be happily stored in indexed DB and re-used afterwards. As such, I can put same RTCCertificate in 2 different browsers even today, so again don't see how my proposal makes anything less secure. I just propose to expose an ability to create RTCCertificate from some existing one.

GitHub Notification of comment by arielt
Please view or discuss this issue at https://github.com/w3c/webrtc-pc/issues/1853#issuecomment-385716115 using your GitHub account
Received on Tuesday, 1 May 2018 16:29:17 UTC

This archive was generated by hypermail 2.4.0 : Saturday, 6 May 2023 21:19:44 UTC