Hiya,
(Apologies for replying to myself, I didn't get Daniel's reply yet, likely due to the fact that our dept now use outlook instead of self-hosting our mail servers;-( If that persists, I'll probably subscribe to the list via another email addr. I saw the response in the archive though, so...) Hiya, Daniel said:
I also want to mention that we have also discussed adding supportfor HTTPS records for other purposes than ECH. More specificaly for selecting HTTP/3. There has also been voices "out there" talking about an updated take to alt-svc that would use (rely on) it somaybe this record will become a slightly more important piece in our infra going forward.
Makes sense. Be happy to work with someone who knows what might be useful/needed there, or to try make a PR for the non-ECH bits of our "#ifdef USE_HTTPSRR" bits of our current code if/when that's useful. Likely better to first handle the bit below though...
TLS wise: I know wolfSSL already has ECH support in their API and possibly a few of the others libs have too. We need to think a bit there so that we do a proper internal API to allow other TLS backends to get the same functionality with causing too much pain.
Ah, didn't know that. I'll try see if I can do a version that supports ECH with either TLS library. Any pointers to how WolfSSL supports ECH appreciated. That's probably a good next step anyway, as it'll also help decide which bits of code are needed for HTTPS RR in general, which for ECH, and which are TLS library-specific so I'll take a look at that next and get back. Cheers, S.
OpenPGP_0xE4D8E9F997A833DD.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
-- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.html
