Re: [TLS] ECH -09 interop
Hi Rob, all, Cloudflare is now running an ECH test server here: https://crypto.cloudflare.com We're running draft-ietf-tls-esni-09. The HTTPS resource record containing the current ECH config is available in DNS. Please let me know if you observe any bugs or otherwise have issues. Our Go implementation can be found here: https://github.com/cloudflare/go/tree/cf/src/crypto/tls Thanks! And for those in the US, happy inauguration day! - Chris P. ___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
Re: [TLS] ECH -09 interop
On Wed, Dec 16, 2020 at 10:06 AM Christopher Wood wrote: > > As discussed during the interim, we feel this is a suitable candidate to > freeze and perform larger interop. We'd like to use this version to gain > larger deployment experience. To help track interop, we borrowed and > adapted the interop matrix from the QUIC WG. The spreadsheet is available > from the ECH interop page, located here: > >https://github.com/tlswg/draft-ietf-tls-esni/wiki/Draft--09-Interop > > Suggestions on additional features test beyond the core ones list are > certainly welcome. > Thanks for starting this page. One question I have: where is one to find the DNS records specified in HTTPS-RR*? I used the public Cloudflare DNS records for draft -02. Either public servers or just instructions on setting this up with test servers (e.g. Cloudflare's Go implementation) would help. thanks, Rob * https://tools.ietf.org/html/draft-ietf-dnsop-svcb-https-02 ___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
[TLS] ECH -09 interop
Hi folks, draft-ietf-tls-esni-09 is out. You may view the diff here: https://tools.ietf.org/rfcdiff?url2=draft-ietf-tls-esni-09.txt It pins the latest version of HPKE (draft-07) that is about to enter IRSG review. Major HPKE implementations are already moving towards (or have moved) to draft-07. See the list of implementations on the draft repository for more information: https://github.com/cfrg/draft-irtf-cfrg-hpke As discussed during the interim, we feel this is a suitable candidate to freeze and perform larger interop. We'd like to use this version to gain larger deployment experience. To help track interop, we borrowed and adapted the interop matrix from the QUIC WG. The spreadsheet is available from the ECH interop page, located here: https://github.com/tlswg/draft-ietf-tls-esni/wiki/Draft--09-Interop Suggestions on additional features test beyond the core ones list are certainly welcome. If you have an implementation and would like to have it listed on the matrix, please either drop a comment on the spreadsheet, send the draft authors an email, or just share it on the list, and someone will add it. Note that there are still a number of outstanding issues to resolve, particular around HRR and the padding mechanism. Hopefully we can resolve these soon (before the next meeting?). Thanks to everyone who contributed to this version of the spec. I look forward to seeing some ECH deployment! Best, Chris ___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls