[Simple] COMEDIA vs MSRP Relays: COMEDIA-TLS
(As individual)
We've had quite a bit of discussion about how the Transport Connection
Addressing Section (draft-ietf-simple-msrp-acm-00 section 4.2) may or
may not work with MSRP relays. I'd like to make sure we're not
neglecting how the COMEDIA Usage section (Section 4.1 and children)
interacts with MSRP relays.

I think there are some open questions. Since each one seems likely to
generate a thread of discussion, I'm sending them separately:

How does COMEDIA-TLS work with MSRP relays? (There has been some
discussion on this one, but I don't recall any conclusions)

If I understand correctly, RFC 4572 is really only designed for the
use of self-signed TLS certs. At least, it states parties to a TLS
session MUST provide certificate fingerprints. This is an issue for
MSRP relays, as relays are not involved in the SDP offer/answer, and
the endpoints are not going to necessarily know the fingerprints of
certificates used by a relay. Also, it's quite likely that an MSRP
relay will use a cert signed by a well-known CA, where a fingerprint
would not add much value.
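
The mismatch raised in this message, as an added example that is not part of the original post: an endpoint checks the TLS peer certificate against the `a=fingerprint` value from the SDP offer, and the check fails once the TLS peer is a relay that never took part in the offer/answer. The certificate bytes, host name and SDP body are constructed placeholders, and the function names are hypothetical.

```python
import hashlib
import hmac

# RFC 4572 hash-func tokens mapped to hashlib names (md5/md2 left out on purpose).
HASHES = {"sha-1": "sha1", "sha-224": "sha224", "sha-256": "sha256",
          "sha-384": "sha384", "sha-512": "sha512"}

def colon_hex(hash_name, cert_der):
    """Hash the DER certificate and format it as upper-case colon-separated hex."""
    digest = hashlib.new(hash_name, cert_der).hexdigest().upper()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))

def make_fingerprint_attr(cert_der, func="sha-256"):
    """Build the a=fingerprint line an endpoint would put in its SDP."""
    return f"a=fingerprint:{func} {colon_hex(HASHES[func], cert_der)}"

def parse_fingerprints(sdp):
    """Return (hash-func, value) pairs for every a=fingerprint line in the SDP."""
    found = []
    for line in sdp.splitlines():
        line = line.strip()
        if line.startswith("a=fingerprint:"):
            func, _, value = line[len("a=fingerprint:"):].partition(" ")
            found.append((func.lower(), value.strip().upper()))
    return found

def peer_matches_sdp(sdp, peer_cert_der):
    """True only if the presented certificate matches a fingerprint from the SDP."""
    for func, value in parse_fingerprints(sdp):
        name = HASHES.get(func)
        if name and hmac.compare_digest(colon_hex(name, peer_cert_der), value):
            return True
    return False

# Constructed placeholders standing in for DER-encoded certificates.
ENDPOINT_CERT = b"constructed-endpoint-certificate-der"
RELAY_CERT = b"constructed-relay-certificate-der"

# Constructed MSRP offer: only the offering endpoint's fingerprint is present,
# because the relay is not a party to the SDP offer/answer.
OFFER = "\r\n".join([
    "m=message 7654 TCP/TLS/MSRP *",
    "a=setup:active",
    "a=path:msrps://alice.example.com:7654/constructed;tcp",
    make_fingerprint_attr(ENDPOINT_CERT),
])

if __name__ == "__main__":
    print("direct connection:", peer_matches_sdp(OFFER, ENDPOINT_CERT))
    print("via relay:        ", peer_matches_sdp(OFFER, RELAY_CERT))
```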