-
Notifications
You must be signed in to change notification settings - Fork 280
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add WebRTC Transport Spec #220
Comments
Moving a closed discussion into the open. In order to (a) write a libp2p-webrtc specification and ultimately (b) support WebRTC across libp2p implementations, we need to investigate the following open questions: Where Browser is replaced with the major browsers of today (Chrome, Safari, Edge, Firefox). Direct connections
Securing the connection
Lifecycle of a WebRTC connection
Multiplexing
|
To respond to the 'Direct Connections' section, I believe it is possible: As a JS in-browser library, to initiate you would create a peer connection, and then pretend like you got a candidate from the other side by passing in such a hand-crafted SDP message. This will cause the browser to generate an answer SDP of it's own address, but also to attempt initiation of a direct webrtc connection to the remote host/port. If the listening peer is waiting for a connection (e.g. has opened a peer connection and made ice candidates), they will accept this connection. as it may come before the relayed ice answer would have even in a normal setup flow. |
Chrome 97 adds support for |
From the link, I think we'll be out of luck here.
|
You say it because of the client-server model? I think it would still be useful since it will be common for browser nodes connect to server nodes 🤔 |
Fair enough if the transport is better than websockets than it seems useful. However, the major benefit that WebRTC gives us is the ability to connect to a peer that does not have a domain name and TLS cert, which WebTransport does not help us with. |
One tricky point is going to be the Basically, each endpoint must include a hash of its self-signed certificate in the SDP message. I haven't tried but I presume that browsers don't allow connections that don't use DTLS. One solution could be to generate the certificate deterministically by using the |
While it is possible to configure the certificates (in the IdP looks like it might have offered a solution if we had managed to play a few cryptographic tricks and run our identity proxies, but I find it quite hard to find concrete information about this. This is probably due to the fact that this only supported by Firefox (see for example here). There's an unresolved Chrome issue from 2015, so we shouldn't put our hopes on this getting implemented any time soon. |
https://www.w3.org/TR/webtransport/#certificate-hashes |
WebRTC in libp2p - Ongoing Efforts I want to highlight the many ongoing efforts around WebRTC in libp2p (that I am aware of). In the ideal case this enables some level of collaboration between the teams. Even if not, I think a general overview is in itself worth it.
|
Note that I opened #412, consolidating all our findings thus far as well as listing open questions. |
Status Update
|
Status Update
With both |
At the moment, we have three big issues communicating between go-libp2p and a browser:
However, it turns out that WebRTC already has built-in support for both encryption and multiplexing. Even better, the browser APIs allow the user to get the local and remote certificates of a connection (and their fingerprints).
Given this, we should be able to:
Setup
Connection Establishment
Unfortunately, Firefox and Safari still need to implement https://www.w3.org/TR/webrtc/#dom-rtcdtlstransport-getremotecertificates.
The text was updated successfully, but these errors were encountered: