[ech] TLSProxy and ECH

Stephen Farrell stephen.farrell at cs.tcd.ie
Wed Mar 22 13:15:27 UTC 2023

Hi Hubert,

On 22/03/2023 11:11, Hubert Kario wrote:
> On Tuesday, 21 March 2023 21:24:38 CET, Dmitry Belyavsky wrote:
>> Dear Stephen,
>> I'd consider TLSfuzzer (written in Python) for this purpose
> While tlsfuzzer doesn't support ECH (or the earlier ESNI) it's something
> we'd definitely like to have: 
> https://github.com/tlsfuzzer/tlsfuzzer/issues/606

I might be able to spend a bit of time on that in the
coming months, or (even better:-) find someone else to
look at it. Will get back when/if something's up there.


> Tlsfuzzer is also integrated into openssl test suite (though not all test
> cases are executed).
> The other upside is that tlsfuzzer is intended to be
> server-agnosic, so test cases in it will be useful for other 
> implementations
> too (improving interoperability in general).
> In some ways it's also useful in that it re-implements all the algorithms
> in pure python (for portability) so it effectively also tests the 
> algorithms
> against a completely different implementation.
>> On Tue, 21 Mar 2023, 20:19 Stephen Farrell, <stephen.farrell at cs.tcd.ie>
>> wrote:
>>> Hiya,
>>> My possibly incorrect understanding is that the TLSProxy
>>> is a bunch of perl code used for tests, that re-implements
>>> variants of the TLS handshake so they can contain e.g. badly
>>> encoded messages.
>>> Something like that is definitely needed to properly test
>>> ECH, but I don't currently speak perl:-) So I wanted to
>>> check if that perl TLSProxy code is the long term plan or
>>> if it's something felt to be approaching end of life? (I'm
>>> willing to try dive in to it, but don't wanna do that if
>>> some other plan would be better longer term.)
>>> Thoughts?
>>> Thanks,
>>> S.
>>> -- 
>>> ech mailing list
>>> ech at openssl.org
>>> https://mta.openssl.org/mailman/listinfo/ech
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xE4D8E9F997A833DD.asc
Type: application/pgp-keys
Size: 1197 bytes
Desc: OpenPGP public key
URL: <https://mta.openssl.org/pipermail/ech/attachments/20230322/0d23e758/attachment-0001.asc>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 236 bytes
Desc: OpenPGP digital signature
URL: <https://mta.openssl.org/pipermail/ech/attachments/20230322/0d23e758/attachment-0001.sig>

More information about the ech mailing list