- From: <bugzilla@jessica.w3.org>
- Date: Tue, 30 Apr 2013 17:36:50 +0000
- To: public-webrtc@w3.org
https://www.w3.org/Bugs/Public/show_bug.cgi?id=21879 Bug ID: 21879 Summary: Unable to access certificate information in the API Classification: Unclassified Product: WebRTC Working Group Version: unspecified Hardware: All OS: All Status: NEW Severity: normal Priority: P2 Component: WebRTC API Assignee: public-webrtc@w3.org Reporter: martin.thomson@skype.net CC: public-webrtc@w3.org The identity of the peer for an RTCPeerConnection is valuable information. Current work concentrates on the mechanisms for authenticating this peer and presenting identification information on browser chrome. No API surface is provided for inspecting the certificate presented by the peer. No API surface is provided for inspecting the certificate that will be presented to the peer. Providing access to certificates allows an application to make in-content assertions about the peer identity, as well as provide additional checks. For instance, an application might be unable to use peer identity, but can provide their own assurances about peer identity. In terms of what information is provided, this doesn't need to be robust. I don't know what the WebCrypto group has done so far on this, but taking advantage of any API defined there is probably sensible. At a minimum, this should provide access to the CN, DER-encoded certificate and a couple of certificate fingerprints (SHA-1 and SHA-256 probably). -- You are receiving this mail because: You are on the CC list for the bug. You are the assignee for the bug.
Received on Tuesday, 30 April 2013 17:36:51 UTC