w3c / ortc

ORTC Community Group specification repository (see W3C WebRTC for official standards track)
http://www.w3.org/community/ortc/

Make certificates optional in the DtlsTransport constructor #867

Open aboba opened 6 years ago

aboba commented 6 years ago

Fix for Issue https://github.com/w3c/ortc/issues/866

fippo commented 6 years ago

What is the behaviour when null is passed? I assume "generate a new one"?

aboba commented 6 years ago

@fippo Yes. Now that ECDSA is the default ciphersuite, generation should not block the main thread even on modest processors.

lgrahl commented 6 years ago

Mh, I don't think I like this change. Blocking the main thread (even slightly) is never a good idea and generating a certificate is just one line.

robin-raymond commented 6 years ago

@lgrahl I share your concern about blocking the main thread; I suspect on most desktops this will be < 40 ms with P-256 default ECDSA, but on slower, less powerful mobile devices this could be 100 ms+. We could never generate 2048-bit RSA with blocking on a slow device (bad idea), so it's only ECDSA by default at best.

aboba commented 6 years ago

Looking at the ECDSA generation times, it would seem that generating a more secure ECDSA certificate (equivalent to RSA 2048) could take longer than 100 ms on a low-end processor. So putting this proposal on hold for now.