Certificate validation in pion/dtls

[daenney]

This is not a bug, but a heads-up. We've just merged a change to enable certificate validation, as well as being able to provide your own Root CA pool etc, much like crypto/tls does: pion/dtls#81. It'll go out once we tag v1.5.0.

Nothing changes for go-coap, it's just that there's now some additional fields in dtls.Config that can be set to control this behaviour. I don't think any of it needs to be set by default but it might be good to review it real quick in case it might cause problems.

[jkralik]

Thank you. I updated go-coap to pions/dtls 1.5 but I have some questions:

• How can I set certificate chain to config -> why is not used tls.Certificate instead of x509.Certificate with privatekey ?
• How can I verify ceritificate chain with VerifyPeerCertificate ? -> I suggest to use same type function as is tls.Config.VerifyPeerCertificate.

[jkralik]

Waiting for branch v2: pion/dtls#99

[jkralik]

Supported by #82