[ech] ECH added to curl as experimental feature
Stephen Farrell
stephen.farrell at cs.tcd.ie
Tue Apr 16 11:34:21 UTC 2024
Hiya,
An ECH PR [1] we wrote has just been merged with curl
as an experimental feature. (For curl that means it's
not built by default, but adding ``--enable-ech`` to
a local build enables it.)
(Unsurprisingly:-) That PR supports our ECH additions
to OpenSSL, but we also added ECH support to curl via
other TLS stacks (boringssl and wolfssl) that include
ECH already.
In other news, we've also now got a daily CI check of
our various ECH artefacts that can be seen at [2]. In
the case of OpenSSL, that job attempts to merge our
fork with upstream master and runs tests each day and
we get to see fails as they happen. (And fix 'em a day
or two later:-)
All of which is meant to further encourage people to
pretty please do some review of our ECH PR [3] as now
is a great time to make inroads on that before the ECH
RFC issues and other code bases move ahead.
Cheers,
S.
[1] https://github.com/curl/curl/pull/11922
[2] https://github.com/defo-project
[3] https://github.com/openssl/openssl/pull/22938
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xE4D8E9F997A833DD.asc
Type: application/pgp-keys
Size: 1197 bytes
Desc: OpenPGP public key
URL: <https://mta.openssl.org/pipermail/ech/attachments/20240416/dfe1c390/attachment.asc>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 236 bytes
Desc: OpenPGP digital signature
URL: <https://mta.openssl.org/pipermail/ech/attachments/20240416/dfe1c390/attachment.sig>
More information about the ech
mailing list