Question on the details of connection establishment

Hello,

I’m reading the section on connection establishment here: http://docs.syncthing.net/dev/device-ids.html

Suppose Alice wishes to connect with Bob using only global discovery. She has Bob’s device ID and queries the discosrv for Bob’s connection information, namely the IP address and port number. From my understanding, at that point the discosrv replies to Alice with Bob’s connection information and does not inform Bob that someone has tried to look up his connection information. After obtaining Bob’s connection information, Alice creates the connection and both parties verify each other’s certificates. Finally, if everything is successful, Bob sees a notification on his GUI asking him to either accept or deny the connection.

Is what I just described correct?

Thank you!

EDIT: Actually, I’m not sure whether certificate verification happens before or after Bob sees the notification.

I’m not an expert around here, but that’s how it works for me.

Bob doesn’t get a notification until connection credentials are presented.

Then, there will be a yellow box at the top of the web GUI informing the user about a new connection request, accept or decline from there.

I guess this describes the case where Bob doesn’t know about Alice from before. What happens in that case is that Bob drops the connection immediately upon receiving Alice’s certificate (as it’s unknown), and then presents the GUI popup asking to accept or not. If it’s accepted, the next connection attempt will go through.

So in the next connection attempt, that’s where the certificate verification happens?

It happens on every connection attempt. But if the device is not known, it fails and the device gets disconnected. This triggers the “someone wants to connect” dialog in the UI.
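
The flow described in the replies above, as an added Go sketch that is not part of the thread and not Syncthing's own code. It assumes a peer is identified by the SHA-256 hash of its certificate bytes; `Node`, `HandleConnection` and `Accept` are hypothetical names, and the certificate bytes are constructed stand-ins.

```go
package main

import (
	"crypto/sha256"
	"fmt"
)

// fingerprint identifies a peer by the SHA-256 hash of its certificate (assumption).
type fingerprint [sha256.Size]byte

// Node is a hypothetical model of the receiving side (Bob).
type Node struct {
	known   map[fingerprint]bool // devices the user has already accepted
	pending map[fingerprint]bool // unknown devices waiting for a GUI decision
}

func NewNode() *Node {
	return &Node{known: map[fingerprint]bool{}, pending: map[fingerprint]bool{}}
}

// HandleConnection runs on every incoming attempt, once the peer certificate
// has been presented. It reports whether the connection is kept.
func (n *Node) HandleConnection(peerCert []byte) bool {
	id := fingerprint(sha256.Sum256(peerCert))
	if n.known[id] {
		return true // known device: verification succeeds
	}
	n.pending[id] = true // unknown: this is what triggers the GUI prompt
	return false         // and the connection is dropped immediately
}

// Accept models the user clicking "accept". It only succeeds for a device
// that actually presented its certificate in an earlier attempt.
func (n *Node) Accept(peerCert []byte) bool {
	id := fingerprint(sha256.Sum256(peerCert))
	if !n.pending[id] {
		return false
	}
	delete(n.pending, id)
	n.known[id] = true
	return true
}

func main() {
	alice := []byte("constructed stand-in for Alice's certificate") // sample input
	bob := NewNode()
	fmt.Println("first attempt kept: ", bob.HandleConnection(alice)) // false
	fmt.Println("user accepted:      ", bob.Accept(alice))           // true
	fmt.Println("second attempt kept:", bob.HandleConnection(alice)) // true
}
```

The check is identical on every attempt; only the contents of the known-device set change between the first and second connection.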