openscreenprotocol
openscreenprotocol copied to clipboard
w3c
Open Screen Protocol
The current certificate profile states: https://github.com/w3c/openscreenprotocol/blob/5488c7b7cce9c9c64ba97348a8deb0c6c50eb9bb/index.bs#L412-L415 The `Signing` key usage should refer to the precise key usage defined in [RFC 5280, Section 4.2.1.3](https://tools.ietf.org/html/rfc5280#section-4.2.1.3), which is `digitalSignature`
The current certificate profile is incompatible with browser security requirements for verifying certificates, and uses fields known to cause interoperability issues. Specifically, the following section demonstrates this: https://github.com/w3c/openscreenprotocol/blob/5488c7b7cce9c9c64ba97348a8deb0c6c50eb9bb/index.bs#L393-L406 1. The...
A number of user agents intentionally decline to implement P-521, due to the significant performance overheads incurred relative to the limited security benefit provided in practice. For example, both Chrome...
The value `fp` is defined as: https://github.com/w3c/openscreenprotocol/blob/5488c7b7cce9c9c64ba97348a8deb0c6c50eb9bb/index.bs#L285-L291 Agent Certificate then follows, with the definition at: https://github.com/w3c/openscreenprotocol/blob/5488c7b7cce9c9c64ba97348a8deb0c6c50eb9bb/index.bs#L354-L417 The issue is that the certificate Serial Number field makes use of `fp`, as...
Separate from #277, the support for signature algorithms currently states: https://github.com/w3c/openscreenprotocol/blob/5488c7b7cce9c9c64ba97348a8deb0c6c50eb9bb/index.bs#L367-L370 However, this is not a defined X.509/PKIX signature algorithm. It's likely these names were derived from [RFC 8446, Section...
To encourage certificate agility, consider adding a relatively short maximum lifetime as in WebTransport (https://w3c.github.io/webtransport/#custom-certificate-requirements). This change would imply that the SPAKE2 identity should be formed from the subject public...
What HTTP headers should we recommend go into the Remote Playback start request?
It looks like since October, the travis-ci jobs to update our generated spec (on the gh-pages branch) when pull requests are merged is failing. Example today: https://travis-ci.com/github/w3c/openscreenprotocol/builds/218631036 What is failing...
Each codec reported by the receiver in the `streaming-capabilities-response` can have one or more codec-specific parameters (as part of the `format` sub-message). However, there's no definition of what these parameters...
If a controller has a media element using Media Source Extensions, there may be no media resource URL at all; the application will attach a MediaSource directly to the media...