[ech] custom TLS client hello extensions
Stephen Farrell
stephen.farrell at cs.tcd.ie
Fri Mar 3 15:32:10 UTC 2023
Hiya,
On 03/03/2023 09:45, Matt Caswell wrote:
>
> I think the main use case that I'm aware of for custom extensions is to
> support signed_certificate_timestamp. There's no direct built-in support
> for that but its straight forward to add it via a "serverinfo" file
> which uses the custom extensions API.
>
> As previously mentioned we're using it internally for quic transport
> parameters.
So, I don't think there's any sensitivity with that CH
extension, which again seems to argue for an initial
approach of just compressing all custom exts within the
inner CH.
Cheers,
S.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xE4D8E9F997A833DD.asc
Type: application/pgp-keys
Size: 1197 bytes
Desc: OpenPGP public key
URL: <https://mta.openssl.org/pipermail/ech/attachments/20230303/61e4c915/attachment.asc>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 236 bytes
Desc: OpenPGP digital signature
URL: <https://mta.openssl.org/pipermail/ech/attachments/20230303/61e4c915/attachment.sig>
More information about the ech
mailing list