On Thu, Jun 01, 2023 at 02:15:57PM +0200, Aleksandar Lazic wrote:
> Hi,
>
> As we have now a shiny new LTS let's take a look into the future :-)
>
> As the Wolfssl looks like a good future alternative for OpenSSL is there
> any plan to add ECH (Encrypted client hello) (
> https://github.com/haproxy/haproxy/issues/1924 ) into Wolfssl?
>
> Is there any Idea which feature is planed to be added by HAProxy Company
> from the feature requests
> https://github.com/haproxy/haproxy/labels/type%3A%20feature ?
>
> Regards
> Alex
>
As far as I know ECH is still a draft and was not release yet, it looks
like it was already integrated in wolfssl though:
https://www.wolfssl.com/encrypted-client-hello-ech-now-supported-wolfssl/
But since the RFC is not released yet their implementation would
probably change.
But this won't probably not be usable for HAProxy since we are using the
OpenSSL compatiblity layer.
If you want to discuss this, please continue on the haproxy github
ticket or we will again split the discussion between multiple support..
--
William Lallemand
