[Bug 21879] New: Unable to access certificate information in the API

https://www.w3.org/Bugs/Public/show_bug.cgi?id=21879

            Bug ID: 21879
           Summary: Unable to access certificate information in the API
    Classification: Unclassified
           Product: WebRTC Working Group
           Version: unspecified
          Hardware: All
                OS: All
            Status: NEW
          Severity: normal
          Priority: P2
         Component: WebRTC API
          Assignee: public-webrtc@w3.org
          Reporter: martin.thomson@skype.net
                CC: public-webrtc@w3.org

The identity of the peer for an RTCPeerConnection is valuable information. 
Current work concentrates on the mechanisms for authenticating this peer and
presenting identification information on browser chrome.  No API surface is
provided for inspecting the certificate presented by the peer.  No API surface
is provided for inspecting the certificate that will be presented to the peer.

Providing access to certificates allows an application to make in-content
assertions about the peer identity, as well as provide additional checks.  For
instance, an application might be unable to use peer identity, but can provide
their own assurances about peer identity.

In terms of what information is provided, this doesn't need to be robust.  I
don't know what the WebCrypto group has done so far on this, but taking
advantage of any API defined there is probably sensible.  At a minimum, this
should provide access to the CN, DER-encoded certificate and a couple of
certificate fingerprints (SHA-1 and SHA-256 probably).

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.

Received on Tuesday, 30 April 2013 17:36:51 UTC