[ech] almost ready to make ECH PR - what else'd help reviewers?

Matt Caswell matt at openssl.org
Wed Nov 22 08:33:48 UTC 2023



On 21/11/2023 21:06, Stephen Farrell wrote:
> 
> Hiya,
> 
> At the recent IETF meeting the TLS WG decided to ask IANA to do
> an early codepoint allocation of the TLS codepoints needed for
> ECH. That's good news as it means there should be no need for any
> "flag day" due to the current deployments (whether experimental
> or other). The TLS WG also still plan to move the draft spec to
> last call soon, so we might have an RFC in the first few months
> of next year.
> 
> In other news, browsers are now shipping with ECH turned on by
> default rather than behind a flag as was previously the case.
> (FF still needs DoH to have been used, but Chrome and friends
> seemingly don't.)
> 
> I realise that the OpenSSL policy is to not merge things like
> this until the RFC issues, (which is fine) but this PR will,
> unfortunately, be fairly mega-huge, so I expect it'll take quite
> a while to get sufficient review and make the improvements that
> I fully expect reviewers will suggest.
> 
> Given all that, my plan is to create that ECH PR in a week or
> so, with the expectation that it'll also take some months to
> process. But just before doing that, I reckoned it'd be worth
> doing a bit of a rehearsal to see if there's anything else that
> I can do to make review easier.
> 
> So, I've made a branch that's pretty much what I'd put in the
> PR, with all the dev commits squashed down into 7 chunky but
> not too large ones. The diff of that vs. the master branch is
> at [1].
> 

Thanks for that - this will certainly make it easier to review.


> So, my question: what else could I do to make this easier for
> reviewers?
> 

Nothing else is immediately springing to mind.

Matt


> Thanks,
> S.
> 
> PS: Apologies for the size of this, we may be able to make it
> somewhat smaller during processing of the PR (e.g. there's some
> tracing code that can be dropped as we go), but I'm afraid that
> it can't really get that much smaller, sorry;-(
> 
> [1] https://github.com/openssl/openssl/compare/master...sftcd:openssl:pre-pre3
> 

