[ech] TLSProxy and ECH

[Dmitry Belyavsky]

Dear Stephen

On Tue, 21 Mar 2023, 20:40 Stephen Farrell, <stephen.farrell at cs.tcd.ie>
wrote:

>
> Hi Dmitry,
>
> On 21/03/2023 20:24, Dmitry Belyavsky wrote:
> > Dear Stephen,
> >
> > I'd consider TLSfuzzer (written in Python) for this purpose
>
> Adding ECH to TLSfuzzer sounds like a good idea, sure, but
> would that be considered sufficient when it comes time to
> merge a PR that implements ECH? If the project had a longer
> term plan to migrate towards using TLSfuzzer, then using
> it for this purpose would for sure make sense. (And I at
> least speak python badly:-)
>

I have added some basic test scenarios using TLSfuzzer in openssl project,
but I don't have capacity to improve this work yet.

I don't think it would be sufficient for including ECH upstream because it
is an external test, and usually the internal one is requred, but it could
be used as a starting point.

>
> Cheers,
> S.
>
> >
> > On Tue, 21 Mar 2023, 20:19 Stephen Farrell, <stephen.farrell at cs.tcd.ie>
> > wrote:
> >
> >>
> >> Hiya,
> >>
> >> My possibly incorrect understanding is that the TLSProxy
> >> is a bunch of perl code used for tests, that re-implements
> >> variants of the TLS handshake so they can contain e.g. badly
> >> encoded messages.
> >>
> >> Something like that is definitely needed to properly test
> >> ECH, but I don't currently speak perl:-) So I wanted to
> >> check if that perl TLSProxy code is the long term plan or
> >> if it's something felt to be approaching end of life? (I'm
> >> willing to try dive in to it, but don't wanna do that if
> >> some other plan would be better longer term.)
> >>
> >> Thoughts?
> >>
> >> Thanks,
> >> S.
> >> --
> >> ech mailing list
> >> ech at openssl.org
> >> https://mta.openssl.org/mailman/listinfo/ech
> >>
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mta.openssl.org/pipermail/ech/attachments/20230321/8bca6c17/attachment.htm>