working towards a PR for ECH

Hugo Landau hlandau at openssl.org
Tue Dec 13 11:07:33 UTC 2022


Hi Stephen,

First of all, thanks again for the herculean effort on your part in
getting HPKE into OpenSSL.

The OTC would really like to see ECH realised in OpenSSL, as would I
personally. It goes without saying that getting ECH deployed in the
world's most widely used SSL library has the potential to make a great
positive impact in terms of metadata leakage.

For now, I'll create a mailing list ech@ which can be used to discuss
this further. I'll subscribe the OTC to this list, as well as you. We
discussed this briefly at OTC today and would like to invite you to a
meeting of the OTC to discuss ECH sometime in the new year, exact date
TBD.

There is the fact that since we don't merge implementations of
standards until they are actually standards, this does create an
unfortunate tendency to be late to the game in implementing them once
they actually are standards. But this doesn't have to be the case. While
ECH isn't ratified yet, obviously if we can get a viable draft PR ready
in the meantime which tracks the current I-D, we could hopefully get it
in as soon as it becomes an RFC. I think this is basically what you are
proposing and sounds like a good approach to me.

API discussion is very important and I'd absolutely like to be part of
that discussion. Feel free to get HAProxy, lighttpd, etc. and other
interested parties on the new list, which is open to all.

Yours,
Hugo Landau


More information about the openssl-project mailing list