[ech] A bit of context before we kick-off discussion...
Stephen Farrell
stephen.farrell at cs.tcd.ie
Tue Dec 13 14:49:23 UTC 2022
Hi all,
This message is mainly so there's something in the
archive as we try get folks to subscribe to this list
and then kick off discussion early in the new year.
As the list info says: "This temporary list has been
created for discussing possible future implementation
of Encrypted ClientHello in OpenSSL."
A bit more context below from my POV:
The draft specification for ECH is [1] and is fairly
stable - it's more or less static as people try gain
experience with implementation and deployment, so
will hopefully become an RFC in the not too distant
future. (Predictions, eh:-) OpenSSL project policy
is (IMO correctly) to not merge code for things like
this until the RFC has issued. Discussion on this list
is aimed to shorten the gap between an RFC popping out
and ECH code being ready to merge. (I learned a lot from
the extended processing of my HPKE PR [2] and suggested
this list as a way to help to get a PR for ECH ready for
processing a bit more easily - and thanks to the OpenSSL
team for creating this list!)
My hope is this list ends up with a bunch of folks that
are interested in how OpenSSL will implement ECH, and
those interested in the set of APIs that'll be exposed
to applications that want to use ECH with OpenSSL. (So
this is more for developers contributing to OpenSSL, or
using OpenSSL, or for those working on other ECH code.)
There are already ECH implementations available as part
of NSS and boringssl, and those have been integrated with
web browsers (behind flags for now), there is also an
experimental cloudflare deployment (I believe with their
own implementation) and many others are interested too.
Along with some others (and funded via OTF) we've been
working on an OpenSSL ECH implementation [3, 4] for the
last while. That works and interops with other ECH code,
(as shown at [4]) but will need plenty of work before
being ready for creating a credible PR. And who knows,
maybe someone else is also working on related parts of
this or on ways we could split an eventual PR into more
easily consumed chunks. (It'll not be small, otherwise;-)
Other than getting relevant folk subscribed, my initial
goal for this list is to get some review of the APIs we've
developed as part of [3]. I plan to do some more work on
tidying those up over the holidays and then to try kick
off a discussion of those (fixing things in [3] as I go).
I've also a bunch of questions tee'd up for later, e.g.
about how our implementation currently works, where I
guess the project would prefer things be done differently,
but I think it's better to get to those after API stuff
is more stable and reviewed.
Cheers,
Stephen.
[1] https://datatracker.ietf.org/doc/draft-ietf-tls-esni/
[2] https://github.com/openssl/openssl/pull/17172
[3] https://github.com/sftcd/openssl/blob/ECH-draft-13c/esnistuff/README.md
[4] https://defo.ie
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0x5AB2FAF17B172BEA.asc
Type: application/pgp-keys
Size: 5564 bytes
Desc: OpenPGP public key
URL: <https://mta.openssl.org/pipermail/ech/attachments/20221213/47c9a984/attachment.asc>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <https://mta.openssl.org/pipermail/ech/attachments/20221213/47c9a984/attachment.sig>
More information about the ech
mailing list