working towards a PR for ECH

Stephen Farrell stephen.farrell at
Tue Dec 13 13:22:52 UTC 2022


That was a quick response! (Which is great.)

On 13/12/2022 11:07, Hugo Landau wrote:
> Hi Stephen,
> First of all, thanks again for the herculean effort on your part in
> getting HPKE into OpenSSL.
> The OTC would really like to see ECH realised in OpenSSL, as would I
> personally. It goes without saying that getting ECH deployed in the
> world's most widely used SSL library has the potential to make a great
> positive impact in terms of metadata leakage.
> For now, I'll create a mailing list ech@ which can be used to discuss
> this further. I'll subscribe the OTC to this list, as well as you. We
> discussed this briefly at OTC today and would like to invite you to a
> meeting of the OTC to discuss ECH sometime in the new year, exact date
> TBD.

Excellent! I'll send starter mail to that list (mostly for
the archive) then send out a few pointers to it with a view
to starting discussion in the new year. (BTW, if it helps
to make me another mailman admin for that list, happy to
do that if you want, or to not do it if you're good.)

WRT state of play/timing for ECH and doing a call: very
happy to do that as suits the OTC schedule.

> There is the fact that that since we don't merge implementations of
> standards until they are actually standards, this does create an
> unfortunate tendency to be late to the game in implementing them once
> they actually are standards. But this doesn't have to be the case.

Right. Shortening that delay seems good in general so, if it
works, this may be a useful modus operandi to keep in mind
for other drafts of (some) upcoming standards.

> While
> ECH isn't ratified yet, obviously if we can get a viable draft PR ready
> in the meantime which tracks the current I-D, we could hopefully get it
> in as soon as it becomes an RFC. I think this is basically what you are
> proposing and sounds like a good approach to me.
> API discussion is very important and I'd absolutely like to be part of
> that discussion.

My plan is to do a bit more work on the current APIs over
the holidays then kick off discussion of those on the list
early in the new year.

> Feel free to get HAProxy, lighttpd, etc. and other
> interested parties on the new list, which is open to all.

Will do,


> Yours,
> Hugo Landau
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0x5AB2FAF17B172BEA.asc
Type: application/pgp-keys
Size: 5564 bytes
Desc: OpenPGP public key
URL: <>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <>

More information about the openssl-project mailing list