RFE: TLS API

[CendioOssman]

We at noVNC have a bit of an odd request, in that we'd like access to the browsers complete TLS implementation from JavaScript. Not just the crypto routines, but also the protocol handling.

The use case is that we are handling a non HTTP protocol entirely from JavaScript, tunnelled via some intermediary. That means that the TLS protecting the HTTP transport might just be one hop, and TLS is desired to protect the entire chain.

We don't want to develop and maintain our own TLS implementation entirely in JavaScript. As a result, we currently have to tell users to disable TLS between the HTTP proxy and VNC server.

[twiss]

Hi 👋 I think this is a bit out of scope for Web Crypto, and might need to be brought to the WICG.

P.S. there is already a JS implementation of TLS, here: https://github.com/digitalbazaar/forge.

[CendioOssman]

Hi 👋 I think this is a bit out of scope for Web Crypto, and might need to be brought to the WICG.

I've filed a proposal here now: WICG/proposals#192

P.S. there is already a JS implementation of TLS, here: https://github.com/digitalbazaar/forge.

It's something we've considered, but I don't think that gives me the same confidence as getting access to NSS or OpenSSL.