Closed marten-seemann closed 1 year ago
I updated the spec, incorporating the ideas of @Stebalien and @Kubuxu for securing the connection and avoiding double-encryption:
/certhash
multiaddr component, which can be repeated to transmit multiple certificate hashes.If we really wanted we could accept CA-signed certs but as self-signed certs are the primary use case, we might as well use just self-signed.
I introduced a /certhash multiaddr component, which can be repeated to transmit multiple certificate hashes.
Can we convert the '/certhash' pairs into an IPLD structure and do something like '/certhashs/
I introduced a /certhash multiaddr component, which can be repeated to transmit multiple certificate hashes.
Can we convert the '/certhash' pairs into an IPLD structure and do something like '/certhashs/
' or something similar?
I don't think we'd want to do that since then we'd have to fetch the certhash someway (since we only have the cid). Also I'm not sure what we would gain from the extra overhead of having a struct here. We also don't want to introduce an IPLD dependency for every implementation that wants to add this.
Is there something I'm missing?
Is there something I'm missing?
The CID shouldn't require lookup if it's an identity CID, other than that, probably not? ¯\_(ツ)_/¯
Interesting idea of using Noise Prologue instead of handshake payload data: https://github.com/libp2p/specs/pull/412/files#r931163931 if we don't need to actually send this data.
Interesting! Any suggestion what exactly to put in the prologue? Unfortunately, when using multiple certhashes (as we will do), the browser won't know which of the certificates was accepted.
To use this technique, you need to have a value known by the server & the client, where each of them has an impact on the value, before the Noise handshake begins. (to safely identify one specific session)
So in webrtc case, concatenating both certificates does the trick, in webtransport case, I don't know if there is something similar applicable
Interesting! Any suggestion what exactly to put in the prologue? Unfortunately, when using multiple certhashes (as we will do), the browser won't know which of the certificates was accepted.
You are right, I forgot about this caveat. In this situation, I don't think there is a nice way to use the Noise Prologue.
If https://github.com/w3c/webtransport/issues/411 is implemented, we could use that key exporter to generate a unique value tied to the TLS session, which could be used as the Noise prologue.
Thank you everyone for the great discussions on this PR!
We've shipped (experimental) WebTransport support based on this specification in go-libp2p v0.23.
I've resolved all remaining nits in the specification. Would be grateful for another round of review and many approvals :)
Thank you for this in-depth review, @elenaf9!
I rewrote the "Certificates" section to allow the use of CA-signed certificates.
Thank you to everyone involved here! This was a big effort, and we now have a decent spec, implemented and released by go-libp2p, with another implementation in js-libp2p demonstrating interoperability.
Given that this PR has received 2 approvals from members of the libp2p team at PL, I'm going to merge it now. This does NOT mean that this spec is perfect - both editorial as well as protocol changes are still possible via PRs to this repo.
:rocket: big step for the project!
Small nit, can you add an entry to https://github.com/libp2p/specs#protocols?
This PR adds a basic spec for WebTransport, based on https://pl-strflt.notion.site/Enabling-WebTransport-across-the-libp2p-network-c6849c7252a1469a828a6c3e4b6abcad.
Most important things to watch out for when reviewing:
/ip4/1.2.3.4/udp/443/quic/webtransport/<hash1><hash2>
. Is this a sane construction?UPDATE 2022-07-26: Updated the link to the Notion page. I was mistaken in believing that the previous link was already public.