[whatwg] Question re: WSS

On Sat, 8 Aug 2009, Melvin Carvalho wrote:
> 
> Since WebSockets seem to be talked about recently.  I've have a couple 
> of questions re: the http websocket implementation and https ie wss

I'm not sure what you mean by "the http websocket implementation", but I 
will try to reply to your questions as best I can.


> 1. Will wss be able to perform a normal TLS handshake over wss?

If I understand your question correctly: yes, in fact it is required to.


> 2. Will it be able to send an X.509 certificate down the wire?

Is that a feature of TLS? If so, then it should work fine, assuming that 
there is no need for support for this feature from the protocol tunneled 
through TLS.


> 3. Is it likely that the receiving websocket will be able to access
> fields such as SubjectAltName in the certificate?

That depends entirely on how the server is architected. I see no reason 
why it would not be possible.

HTH,
-- 
Ian Hickson               U+1047E                )\._.,--....,'``.    fL
http://ln.hixie.ch/       U+263A                /,   _.. \   _\  ;`._ ,.
Things that are impossible just take longer.   `._.-(,_..'--(,_..'`-.;.'

Received on Friday, 14 August 2009 03:53:50 UTC