- From: Samet BUDAK via GitHub <sysbot+gh@w3.org>
- Date: Thu, 08 Oct 2020 08:42:54 +0000
- To: public-webrtc-logs@w3.org
> Firefox also supports persisting of certificates (and their corresponding keys). > > @aboba, I don't think that this would necessarily need validation, though it certainly suggests that it would have value. If we were to do anything here, I'd suggest that it be to support signing of certificates by a CA. That's a pretty cumbersome process that involves exporting a PKCS#10 CSR and importing the signed certificate (including validation of the same). We'd need significant motivation to support even that. > > As stated, this could be used to subvert the security mechanisms we have implemented. It's not mere trouble as Tim suggests, but a full-blown undermining of our identity mechanism. I would recommend closing this, then opening other issues to track the stated alternatives if those are still desirable. Are there any sample about Firefox about import an existing certificate ? -- GitHub Notification of comment by kraskixxx Please view or discuss this issue at https://github.com/w3c/webrtc-pc/issues/1853#issuecomment-705423543 using your GitHub account -- Sent via github-notify-ml as configured in https://github.com/w3c/github-notify-ml-config
Received on Thursday, 8 October 2020 08:42:56 UTC