On 22/06/2021 22:57, Christopher Patton wrote:
Just to be clear, (1), (2) and (3) are not alternatives to the same problem. (1) solves client-side padding, whereas (2) and (3) are alternatives for solving server-side padding.
Apologies. (Though I put part of the blame on excessive githubbery leading to a lack of clarity and ambiguity, as is my habit:-) I can live with (1) and (2) but only see any need to change because of the QUIC argument(s) - absent those we can work around things and get ECH out the door IMO. (3) is a mistake - a new handshake message shouldn't be adopted until after that's been tested and shown not to be problematic and I bet it would be problematic as well as lots more work S.
OpenPGP_0x5AB2FAF17B172BEA.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls