[ech] custom TLS client hello extensions

Stephen Farrell stephen.farrell at cs.tcd.ie
Thu Mar 2 13:53:17 UTC 2023


On 02/03/2023 13:31, Salz, Rich wrote:
> I think a reasonable thing to do, in the initial implementation, is
> to say that custom extensions only appear in the outer hello message.

Almost. The custom ext type would also need to be in the
inner CH (in compressed form) to get best interop I guess.

Beyond that, it could get complex very easily, with all
the potential mixtures of inner, outer, compressed and
same or different values in inner and outer. APIs for all
that could be added, but I'm very unsure what'd be useful.
(E.g. using a server API that provided a map of which
extension values had been seen where could be a bit of a

> But maybe I'm wrong, is there a particular extension you are thinking
> of?

Nope. Fact is, I don't know anything about how these
are/have been used, so I'm trying to find out a bit.
(Any more info/pointers appreciated.)

I could envisage all sorts of PII being put in such
extensions, for example, and if that were the case, it
may well make sense to provide more fully featured
APIs. But if that doesn't happen, then probably better
to leave such for another day.
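As an added illustration of what "in compressed form" means in the reply above (example code, not from this thread or from OpenSSL): in ECH the inner ClientHello can carry an ech_outer_extensions extension that lists extension types whose bodies are to be copied from the outer ClientHello, and the server expands it with the checks below before it can see the custom extension in the inner CH. The 0xff01 custom type and the sample extension bodies are constructed for the example; 0xfd00 and 0xfe0d are the draft's code points.

```python
import struct
ECH_OUTER_EXTENSIONS = 0xFD00    # ech_outer_extensions (TLS ECH draft)
ENCRYPTED_CLIENT_HELLO = 0xFE0D  # encrypted_client_hello (TLS ECH draft)
CUSTOM_EXT = 0xFF01              # constructed private-use type standing in for a custom extension

def encode_outer_extensions(types):
    """Body of ech_outer_extensions: a 1-byte length followed by 2-byte extension types."""
    body = b"".join(struct.pack("!H", t) for t in types)
    if not 2 <= len(body) <= 254:
        raise ValueError("OuterExtensions must list between 1 and 127 types")
    return bytes([len(body)]) + body

def decode_outer_extensions(body):
    if not body or body[0] != len(body) - 1 or body[0] % 2:
        raise ValueError("illegal_parameter: malformed OuterExtensions")
    return [struct.unpack("!H", body[i:i + 2])[0] for i in range(1, len(body), 2)]

def compress_inner(inner, outer, types):
    """Client side: drop the listed extensions (bodies must equal the outer ones) and put one ech_outer_extensions in their place."""
    inner_vals, outer_vals = dict(inner), dict(outer)
    for t in types:
        if t not in inner_vals or inner_vals[t] != outer_vals.get(t):
            raise ValueError(f"{t:#06x} absent or differs between inner and outer, cannot compress")
    pos = min(i for i, (t, _) in enumerate(inner) if t in types)
    kept = [e for e in inner if e[0] not in types]
    return kept[:pos] + [(ECH_OUTER_EXTENSIONS, encode_outer_extensions(types))] + kept[pos:]

def decompress_inner(inner, outer):
    """Server side: one forward pass over the outer CH, so references must follow its order; any violation is an illegal_parameter alert."""
    result, cursor = [], 0
    for ext_type, body in inner:
        if ext_type != ECH_OUTER_EXTENSIONS:
            result.append((ext_type, body))
            continue
        for ref in decode_outer_extensions(body):
            if ref in (ECH_OUTER_EXTENSIONS, ENCRYPTED_CLIENT_HELLO):
                raise ValueError(f"illegal_parameter: {ref:#06x} may not be referenced")
            while cursor < len(outer) and outer[cursor][0] != ref:
                cursor += 1
            if cursor == len(outer):
                raise ValueError(f"illegal_parameter: {ref:#06x} missing from outer CH or out of order")
            result.append(outer[cursor])
            cursor += 1
    if len({t for t, _ in result}) != len(result):   # TLS forbids duplicate extensions
        raise ValueError("illegal_parameter: duplicate extension after decompression")
    return result

# Constructed sample extension lists: the custom extension is sent in full in the outer CH only.
OUTER = [(0x0000, b"public.example"), (0x002B, b"\x02\x03\x04"), (CUSTOM_EXT, b"custom-data"), (ENCRYPTED_CLIENT_HELLO, b"<encrypted inner>")]
INNER = [(0x0000, b"secret.example"), (0x002B, b"\x02\x03\x04"), (CUSTOM_EXT, b"custom-data"), (ENCRYPTED_CLIENT_HELLO, b"\x01")]
```

Compressing INNER with [0x002B, CUSTOM_EXT] yields a 5-byte ech_outer_extensions in place of the two extensions, and decompressing it against OUTER reproduces INNER exactly.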

