FF138 Relnote: Certificate returns fingerprints #39010
Conversation
github-actions
bot
added
Content:WebAPI
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
|
Preview URLs Flaws (1)Note! 1 document with no flaws that don't need to be listed. 🎉 URL:
External URLs (1)URL:
(comment last updated: 2025-04-11 11:20:26) |
|
|
||
| // Get the certificate fingerprints from the client. | ||
| const fingerprintsFromClient = rtcPeerConnection.certificate.getFingerprints(); |
There was a problem hiding this comment.
This was definitely wrong, because there is no RTCPeerConnection.certificate property.
You can either the RTCCertificate from the RTCPeerConnection.getConfiguration() (which gets your current configuration, as set up in the peer connection constructor) or from a certificate you generate using the static method and pass in.
I think the intent is that the peer connection gets created and creates you some certificates (or you create your own). You then exchange their fingerprints out of band, then start the connection up by creating offer etc. As part of all this DTLS gets setup and the fingerprints sent are used for identity verification.
If that is true, then this is OK - though it could be more informative. Following up in https://bugzilla.mozilla.org/show_bug.cgi?id=1525241
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>
|
This pull request has merge conflicts that must be resolved before it can be merged. |
FF138 adds support for the
RTCCertificate.getFingerprints()method in https://bugzilla.mozilla.org/show_bug.cgi?id=1525241This is draft, because I'd quite like a sanity check from the developers - asked in https://bugzilla.mozilla.org/show_bug.cgi?id=1525241
Related docs can be tracked in #38882