[ech] looking for comments on my current APIs for ECH
Kurt Roeckx
kurt at roeckx.be
Mon Dec 19 23:19:51 UTC 2022
Hi,
I think your use of the word session probably confusing, because I think
about an SSL_SESSION *, while I think you're talking abuot an SSL *.
Maybe connection is a better word?
Not having read the draft, is it normal to have multiple public keys as
client? Does that mean you encrypt to all the public keys? I would
expect the client to only have 1, but the server to support multiple.
I currently fail to see the related OSSL_ECH_INFO and SSL_ech_reduce()
and don't see why we need something like that.
I'm not sure it's a good idea to support an API that says to read all
files in a directory matching *.ech.
Kurt
More information about the ech
mailing list