Chromium Code Reviews Chromium Code Reviews
Issue 1415653004:
Resolve issue from feedback for 1417363004 (Closed)
Base URL: https://chromium.googlesource.com/chromium/src.git@master| Index: chrome/browser/local_discovery/privet_http.h |
| diff --git a/chrome/browser/local_discovery/privet_http.h b/chrome/browser/local_discovery/privet_http.h |
| index 2cbd5ceb489b1dbd15124d1c7db05bb116040797..d8e31ed2b9cf53c168e54e6d41cccc6a5fd4276e 100644 |
| --- a/chrome/browser/local_discovery/privet_http.h |
| +++ b/chrome/browser/local_discovery/privet_http.h |
| @@ -63,8 +63,17 @@ class PrivetHTTPClient { |
| virtual void RefreshPrivetToken( |
| const PrivetURLFetcher::TokenCallback& token_callback) = 0; |
| - // After this call HTTPS will be used. Only requests to the server with |
| + // After this call only HTTPS will be used. Only requests to the server with |
| // matching certificate will be allowed. |
| + // Privet v3 devices must support HTTPS. However the device has self-signed |
| + // certificate so normal validation is not useful. The only known information |
| + // about device is fingerprint of the certificate. |
| + // Before using HTTPS, Privet v3 pairing generates a shared secret using |
| + // SPAKE2 over an insecure channel. Then the device sends the fingerprint |
| + // to the client, over the insecure channel, but signed using the shared |
| + // secret. |
|
Ryan Sleevi
2015/10/30 23:17:27
This comment doesn't really read naturally / gramm
Vitaly Buka (NO REVIEWS)
2015/10/31 03:55:35
Done.
|
| + // More info on pairing: |
| + // https://developers.google.com/cloud-devices/v1/reference/local-api/pairing_start |
| virtual void SwitchToHttps( |
| uint16_t port, |
| const net::SHA256HashValue& certificate_fingerprint) = 0; |
