diff --git a/webrtc.html b/webrtc.html index e95541cca..5efedc24d 100644 --- a/webrtc.html +++ b/webrtc.html @@ -972,7 +972,8 @@

Constructor

If the certificates value in configuration is non-empty, check that the expires on each value is in the future. If a - certificate has expired, throw an + certificate has expired or a the [[\Origin]] internal slot of + the certificate does not match the current origin, throw an InvalidAccessError; otherwise, store the certificates. If no certificates value was specified, one or more new RTCCertificate instances are generated for use @@ -4572,9 +4573,10 @@

RTCCertificate Interface

The RTCCertificate interface represents a certificate used to authenticate WebRTC communications. In addition to the visible properties, internal slots contain a handle to the - generated private keying materal ([[\KeyingMaterial]]) and a certificate + generated private keying materal ([[\KeyingMaterial]]), a certificate ([[\Certificate]]]]) that RTCPeerConnection - uses to authenticate with a peer.

+ uses to authenticate with a peer, and the origin ([[\Origin]]) + that created the object.

[Exposed=Window] interface RTCCertificate {
     readonly        attribute DOMTimeStamp expires;
@@ -4661,7 +4663,15 @@ 
Methods

           refer to the same private keying material represented by the
           [[\KeyingMaterial]] internal slot of input.
           
+          
  • Let the [[\Origin]] internal slot of output
+          be a copy of the [[\Origin]] internal slot of input.
+          
    • 
         
+        
    Supporting structured cloning in this manner
+        allows RTCCertificate instances to be persisted to stores.  It
+        also allows instances to be passed to other origins using APIs
+        like postMessage [[!webmessaging]].  However, the object cannot
+        be used by any other origin than the one that originally created it.