DTLS fails sometimes (ORTC)

Issue #14888858 • Assigned to Steven K.


José C.
Nov 30, 2017
This issue is public.
Found in
  • Microsoft Edge
Found in build #
Reported by 4 people

Sign in to watch or report this issue.

Steps to reproduce

When doing the DTLS handshake with Tokbox’s SFU, it sometimes fails.

The problem seems to be a “Change Cipher Spec” message from EDGE to the SFU after the "Server hello done". According the the spec [1], this is illegal. It must be a “Client Key Exchange” message.

Please find attached two wireshark captures, a working and failing handshake. In both cases, EDGE has the IP ending in 93 and the SFU the IP ending in 247. Note that “Client key exchange” and “Change cipher spec” arrive almost at the same time. It seems that the order is not controlled, and when the second one arrives first, the handshake fails.

[1] https://tools.ietf.org/html/rfc5246#section-7.4.7


Comments and activity

  • Chrome sends the response including several messages in one packet

  • Microsoft Edge Team

    Changed Assigned To to “Steven K.”

You need to sign in to your Microsoft account to add a comment.

Sign in