feat: Enable static tls config in Webtransport

libp2p / go-libp2p

libp2p implementation in Go

MIT License

5.98k stars 1.05k forks source link

feat: Enable static tls config in Webtransport #2230

Open MarcoPolo opened 1 year ago

MarcoPolo commented 1 year ago

We have some code to support a valid TLS cert in the webtransport listener, but we disabled it in https://github.com/libp2p/go-libp2p/pull/1927. There's some subtlety around making it secure.

In the mean time we may bake some assumptions that a webtransport multiaddr mostly has a certhash: https://github.com/libp2p/go-libp2p/pull/2227#discussion_r1151324966. When we re-enable static tls config we should revisit that discussion and see if anything needs to be changed

marten-seemann commented 1 year ago

Blocked on https://github.com/libp2p/specs/issues/507.

MarcoPolo commented 1 year ago

Thank you! I couldn't remember that issue