From 6f3b7e2b7ac173336981f4c1fa3dedb0cd32ba19 Mon Sep 17 00:00:00 2001 From: Bernard Aboba Date: Wed, 14 Mar 2018 11:15:29 -0700 Subject: [PATCH] Handling of KeyingMaterial internal slot Rebase of https://github.com/w3c/webrtc-pc/pull/1723 Clarification for Issues https://github.com/w3c/webrtc-pc/issues/1694 and https://github.com/w3c/webrtc-pc/issues/1739 See also #1089 --- webrtc.html | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/webrtc.html b/webrtc.html index 44ba138e4..79e671cbb 100644 --- a/webrtc.html +++ b/webrtc.html @@ -4672,14 +4672,18 @@

Methods

For the purposes of this API, the [[\Certificate]] slot - contains unstructured binary data.

-

Note that an RTCCertificate might not directly hold - private keying material, this might be stored in a secure module.

-

The RTCCertificate object can be stored and retrieved - from persistent storage by an application. When a user agent is - required to obtain a structured clone [[!HTML51]] of an - RTCCertificate object, it performs the following - steps:

+ contains unstructured binary data. No mechanism is provided for + applications to access the [[\KeyingMaterial]] internal slot. + Implementations MUST support applications storing and retrieving + RTCCertificate objects from persistent storage. + In implementations where an RTCCertificate might not + directly hold private keying material (it might be stored in a + secure module), a reference to the private key can be held in + the [[\KeyingMaterial]] internal slot, allowing the + private key to be stored and used.

+

When a user agent is required to obtain a structured + clone [[!HTML51]] of an RTCCertificate object, + it performs the following steps:

  1. Let input and memory be the corresponding inputs defined by the internal structured cloning algorithm, where