21879 2013-04-30 17:36:50 +0000 Unable to access certificate information in the API 2014-12-15 10:39:41 +0000 1 1 1 Unclassified WebRTC Working Group WebRTC API unspecified All All RESOLVED LATER P2 normal --- 27224 1 martin.thomson public-webrtc harald public-webrtc w3c-bugzilla oldest_to_newest 87018 0 martin.thomson 2013-04-30 17:36:50 +0000 The identity of the peer for an RTCPeerConnection is valuable information. Current work concentrates on the mechanisms for authenticating this peer and presenting identification information on browser chrome. No API surface is provided for inspecting the certificate presented by the peer. No API surface is provided for inspecting the certificate that will be presented to the peer. Providing access to certificates allows an application to make in-content assertions about the peer identity, as well as provide additional checks. For instance, an application might be unable to use peer identity, but can provide their own assurances about peer identity. In terms of what information is provided, this doesn't need to be robust. I don't know what the WebCrypto group has done so far on this, but taking advantage of any API defined there is probably sensible. At a minimum, this should provide access to the CN, DER-encoded certificate and a couple of certificate fingerprints (SHA-1 and SHA-256 probably). 87020 1 martin.thomson 2013-04-30 17:41:57 +0000 (I forgot to add this.) Certificate information should be available even if the peer identity doesn't carry an identity assertion from an IDP. That means that the RTCIdentityAssertion probably isn't the right place to add this information. 114171 2 harald 2014-10-28 19:01:37 +0000 Stats has defined stats items that allow access to certificates. Would these satisfy the issue? If so, we'll move this bug to be on stats. 114341 3 harald 2014-10-31 16:27:17 +0000 Included in RTPSender proposal. 114458 4 harald 2014-11-03 23:21:38 +0000 The API suggested is on the Transports proposal: Bug 27224. 116328 5 dom 2014-12-15 10:39:41 +0000 WebRTC API bugs have been moved to github issues: https://github.com/w3c/webrtc-pc/issues Please subscribe to the issues you want to keep watching.