DTLS fails sometimes (ORTC)

Issue #14888858


José C.
Nov 30, 2017
This issue is public.
Found in
  • Microsoft Edge
Found in build #
Reported by 4 people

Sign in to watch or report this issue.

Steps to reproduce

When doing the DTLS handshake with Tokbox’s SFU, it sometimes fails.

The problem seems to be a “Change Cipher Spec” message from EDGE to the SFU after the "Server hello done". According the the spec [1], this is illegal. It must be a “Client Key Exchange” message.

Please find attached two wireshark captures, a working and failing handshake. In both cases, EDGE has the IP ending in 93 and the SFU the IP ending in 247. Note that “Client key exchange” and “Change cipher spec” arrive almost at the same time. It seems that the order is not controlled, and when the second one arrives first, the handshake fails.

[1] https://tools.ietf.org/html/rfc5246#section-7.4.7


Comments and activity

  • Chrome sends the response including several messages in one packet

  • Microsoft Edge Team

    Changed Assigned To to “Steven K.”

    Changed Status

  • This issue has been resolved External. This means this issue may require a new feature to be implemented or other work that is more significant than a typical bug. You may be able to find more information on this issue by searching for related features on status.microsoftedge.com and uservoice.microsoftedge.com.

You need to sign in to your Microsoft account to add a comment.

Sign in