Hiya,

(I'm just getting around to playing with draft-13 ECH and HRR and have a question...)

In 6.2 talking about GREASEd ECH, the draft says:

   If sending a second ClientHello in response to a HelloRetryRequest, the client copies the entire "encrypted_client_hello" extension from the first ClientHello. The identical value will reveal to an observer that the value of "encrypted_client_hello" was fake, but this only occurs if there is a HelloRetryRequest.

I don't object to that, but can't recall why we wanted the same value re-tx'd.

(My code just naturally generated a new GREASE ECH value and it all worked fine, so being the lazy person I am, I'm wondering if doing nothing is a good option:-)

Ta,
S.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls