Closed CMCDragonkai closed 1 year ago
Tasks 1 and 2 are done. I'm skipping task 3 for now unless we really need it.
What's the difference between rotating certs and rotating CA certs?
This has been updated. We can now modify the whole QUICConfig using QUICServer.updateConfig(config: Partial<QUICConfig>). We can use this to update the TLS certs and the CA cert. Setting the CA cert can't be set using a cert from memory for now. I still need to add that.
Specification
TLS certs may be changed while the server is running, or while we are using the client. We need to be able to swap out the TLS certs without impacting old connections.
QUICServer
The QUICServer manages multiple QUICConnection connections. Each QUICConnection is created with a QUICConfig POJO.
This means when we swap out the TLS, we don't change the existing QUICConnection. We only change how new QUICConnection will get created.
So our QUICServer needs new methods such as:
This function would "update" the config POJO object. New connections would be initiated with the new TLS configuration. Existing connections would continue to use the old QuicheConfig object and would not be affected by the updated config POJO.
Tests should test starting with 1 cert, and creating connections, and while they are running, create a new cert, rotate the cert, and then create new connections using the new cert, while the old connections are still valid.
QUICClient
The QUICClient is one to one to a single QUICConnection. This means, a client cannot have its TLS config rotated live. Instead it's simply a matter of creating new QUIC clients with the new TLS config.
During testing of the QUICServer.setTLSConfig, tests should start new QUIC clients with the new TLS configuration too.
Remember, when updating the TLS configuration... we are really doing 2 things:
In our PK P2P situation, we won't just use the OS default certificate store. We will actually want to verify that the other cert is one that we trust.
This means when PK is using it, it actually has to disable the peer verification and put in its own custom verification: https://github.com/cloudflare/quiche/issues/326#issuecomment-577281881.
This technically means we don't really care about the certificate store.
These 2 functions in the config are not relevant to us.
Additional context
2
Tasks
setTLSConfig to QUICServer.
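The rotation semantics specified above (new connections pick up the updated config, existing connections keep the one they were created with), as an added sketch that is not part of the issue or the project's code. Server, Connection, TLSConfig and the PEM placeholder strings are hypothetical and constructed; no real QUIC or TLS calls are made.

```typescript
// Hypothetical model of the config POJO; values are constructed placeholders.
type TLSConfig = { certChainPem: string; keyPem: string; caPem?: string };

class Connection {
  readonly id: number;
  // Snapshot of the config that was current when this connection was created.
  readonly config: Readonly<TLSConfig>;
  constructor(id: number, config: Readonly<TLSConfig>) {
    this.id = id;
    this.config = config;
  }
}

class Server {
  private config: Readonly<TLSConfig>;
  private nextId = 0;
  readonly connections: Connection[] = [];

  constructor(config: TLSConfig) {
    // Copy and freeze so the caller cannot mutate the live config later.
    this.config = Object.freeze({ ...config });
  }

  // Replace, never mutate in place: existing connections hold a reference to
  // the previous frozen object, so rotating cannot change it underneath them.
  updateConfig(patch: Partial<TLSConfig>): void {
    this.config = Object.freeze({ ...this.config, ...patch });
  }

  // New connections are always created from the current config.
  accept(): Connection {
    const conn = new Connection(this.nextId++, this.config);
    this.connections.push(conn);
    return conn;
  }
}

// Start with cert A, open a connection, rotate to cert B, open another.
function rotationDemo(): { oldCert: string; newCert: string; caKept?: string } {
  const server = new Server({
    certChainPem: 'CERT-A (constructed)',
    keyPem: 'KEY-A (constructed)',
    caPem: 'CA-1 (constructed)',
  });
  const oldConn = server.accept();
  server.updateConfig({ certChainPem: 'CERT-B (constructed)', keyPem: 'KEY-B (constructed)' });
  const newConn = server.accept();
  return { oldCert: oldConn.config.certChainPem, newCert: newConn.config.certChainPem, caKept: newConn.config.caPem };
}
```

Rotate the cert chain and its private key in the same updateConfig call so that no new connection is ever created with a mismatched pair.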