From c8f0593f66b8d627b7e6def3180d5bb2b454d19a Mon Sep 17 00:00:00 2001 From: Marten Richter Date: Tue, 10 Dec 2024 21:41:45 +0000 Subject: [PATCH 1/2] RFC 215: webtransport_h3_cert_hash_test_server --- rfcs/webtransport_h3_cert_hash_test_server.md | 29 +++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 rfcs/webtransport_h3_cert_hash_test_server.md diff --git a/rfcs/webtransport_h3_cert_hash_test_server.md b/rfcs/webtransport_h3_cert_hash_test_server.md new file mode 100644 index 0000000..6c83496 --- /dev/null +++ b/rfcs/webtransport_h3_cert_hash_test_server.md 
@@ -0,0 +1,29 @@ +# RFC 215: WebTransport over HTTP/3 Test Server that uses a self-signed certificate for authentification wit serverCertificateHashes + +## Summary + +Start another instance of the [WebTransport over HTTP/3](https://datatracker.ietf.org/doc/html/draft-ietf-webtrans-http3-01) server in [RFC 85](https://github.com/web-platform-tests/rfcs/blob/master/rfcs/webtransport_h3_test_server.md) in wpt, that uses instead of the standard certificate a self-signed certificate. The hash of the certificate is passed to the test defined. The certificate is autogenerated at the startup of the wpt tests within the python code. + +## Details + +### Implementation + +It is a slight modification of the server from [RFC 85](https://github.com/web-platform-tests/rfcs/blob/master/rfcs/webtransport_h3_test_server.md) in the `tools/webtransport` directory. +The implementation uses the `cryptography` lib for certificate generation, that is already used by wpt through the `aioquic` lib. + +### Handlers +See [RFC 85](https://github.com/web-platform-tests/rfcs/blob/master/rfcs/webtransport_h3_test_server.md) for details. + +### `wptserve` integration + +See [RFC 85](https://github.com/web-platform-tests/rfcs/blob/master/rfcs/webtransport_h3_test_server.md) for details. + +A server certificate hash is autogenerated within the python code in `environment.py`. It is passed as part of the config (property `cert_hash_info`) to the tests. The tests can access the server certificate hash as `server_certificate_hash` inside the javascript templates. + +### Dependencies + +As of writing this RFC, the only dependency are `aioquic` as in RFC 85 and `cryptography`, which is already a dependency of `aioquic`. + +## Risks + +Risks are similar to [RFC #85](https://github.com/web-platform-tests/rfcs/blob/master/rfcs/webtransport_h3_test_server.md#risks), as it is a minimal modification of RFC 85, so that maintenance cost increase is neglible. 
From dd1b8a7c2157058c7e846cecbea61988acdef03e Mon Sep 17 00:00:00 2001 From: Ms2ger Date: Wed, 5 Feb 2025 17:27:29 +0100 Subject: [PATCH 2/2] Update rfcs/webtransport_h3_cert_hash_test_server.md --- rfcs/webtransport_h3_cert_hash_test_server.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/rfcs/webtransport_h3_cert_hash_test_server.md b/rfcs/webtransport_h3_cert_hash_test_server.md index 6c83496..0d9c36a 100644 --- a/rfcs/webtransport_h3_cert_hash_test_server.md +++ b/rfcs/webtransport_h3_cert_hash_test_server.md @@ -1,4 +1,4 @@ -# RFC 215: WebTransport over HTTP/3 Test Server that uses a self-signed certificate for authentification wit serverCertificateHashes +# RFC 216: WebTransport over HTTP/3 Test Server that uses a self-signed certificate for authentication with serverCertificateHashes ## Summary
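Review bot: In patch 1/2, the `wptserve` integration section of the new file does not say what `cert_hash_info` actually contains: the hash algorithm, the encoding of the value exposed as `server_certificate_hash`, and the parameters of the autogenerated certificate (key type, validity period) are all left unstated. A test author cannot build a `serverCertificateHashes` entry from the text alone. Suggest adding one or two sentences that name the algorithm and encoding and state the certificate's key type and lifetime. The Summary and Risks sections also do not mention where the private key for the self-signed certificate lives or that it is regenerated on every startup, which is worth stating since Risks defers entirely to RFC 85. Smaller points in the same hunk: "the only dependency are" should be "the only dependencies are", and "neglible" should be "negligible".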
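Review bot: In patch 2/2, the title-line hunk changes the RFC number from 215 to 216 along with the two spelling fixes, but the subject "Update rfcs/webtransport_h3_cert_hash_test_server.md" mentions neither. The renumbering is a substantive change and the subject of patch 1/2 still reads "RFC 215", so the history ends up with two different numbers for the same document and no explanation. Suggest a subject that names the renumbering (and the typo fixes) so the reason for the change is recorded.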