DtlsTransport.getLocalParameters and certificate creation #211
Comments
|
How about this for Section 4.3.2? getLocalParameters Let p be a new promise. |
|
There is another related issue. In the forking scenario, the offerer can signal dtlsTransport.getLocalParameters, and get one or more replies. In this scenario, each of the answerer(s) will have called RTCDtlsTransport.start(), providing the signaled local parameters as an argument. Therefore, each additional reply beyond the first requires a new dtlsTransport to be constructed on the local peer, with the same fingerprint as the original, so that RTCDtlsTransport.start() can be called with the received remote DTLS parameters. However, without the certificate management API recently added to WebRTC 1.0 (see: http://w3c.github.io/webrtc-pc/archives/20150611/webrtc.html), this cannot be accomplished; by default, the newly constructed RTCDtlsTransport will have a new certificate and fingerprint. |
|
The latest WebRTC 1.0 specification (http://w3c.github.io/webrtc-pc/archives/20150611/webrtc.html) includes a Certificate Management API in Section 5.5. This provides for a getCertificate() method that returns a promise. So there is a need to discuss how the certificate management API would affect this issue (e.g. the certificate could be created and then passed to the DtlsTransport constructor, so that getLocalParameters could return immediately). |
|
Resolution discussed at the ORTC CG meeting was to add a certificate as a mandatory argument in the DtlsTransport constructor. That way, getLocalParameters would not need to be a Promise. |
If a certificate is created when DtlsTransport.getLocalParameters is called or when the object is constructed, then it is possible that getLocalParameters would not be able to return immediately. This can be addressed either by making getLocalParameters() a Promise, or via the certificate management API.
The text was updated successfully, but these errors were encountered: