- From: Tim Panton new <thp@westhawk.co.uk>
- Date: Mon, 9 Nov 2015 08:57:02 +0000
- To: Martin Thomson <martin.thomson@gmail.com>
- Cc: Philipp Hancke <fippo@andyet.net>, Eric Rescorla <ekr@rtfm.com>, Bernard Aboba <Bernard.Aboba@microsoft.com>, "public-webrtc@w3.org" <public-webrtc@w3.org>
> On 9 Nov 2015, at 06:21, Martin Thomson <martin.thomson@gmail.com> wrote: > > On 8 November 2015 at 21:57, Philipp Hancke <fippo@andyet.net> wrote: >> Then what is >> http://w3c.github.io/webrtc-stats/#widl-RTCCertificateStats-issuerCertificateId >> for? It seems to allow traversing the chain in stats. Which will allow the >> application to determine at what level the certificate is trusted. > > That would seem to be in support of a fundamentally different model > for authentication. Has anyone actually proposed that model? > I may have mentioned something related. The idea was to be able to check how the cert associated with the media was related to that associated with the page. The only place I could see this being useful was when calling into a callcenter gateway - say from a banking web page - the fact that the DTLS cert matched (in some undefined way) the TLS one might be used to give the caller reassurance that the speaker did represent the bank. I’m certainly in favour of having the remote cert accessible in some form or other to the JS - there are interesting UX things one could do with it - like display the logo field for example. Tim.
Received on Monday, 9 November 2015 08:57:37 UTC