This is worth working on. When I worked on this problem in Rust, I used Cloudflare's ad-hoc Go serialization, although it looks as though they've changed it since[1].
I wasn't really sure how these things should be stored relative to ECHConfig ids etc, but I came up with a different answer than this draft does (not that I feel strongly) [2].

thanks,
Rob

[1] https://github.com/cloudflare/go/blob/7d4ce7c5377c6bf6ff5977d4734d6f6f2a10ccdb/src/crypto/tls/ech_config.go#L16
[2] https://github.com/rustls/rustls/pull/663/files#diff-62731cbc005ac23c9805e5f34445ff0d9650b4077f8e35a3fdbe5a885986a779R65

On Fri, Nov 19, 2021 at 6:38 PM Stephen Farrell <[email protected]> wrote:
>
> Hiya,
>
> As discussed at IETF112, I've updated the PEM file format
> draft for ECH. [1] Happy to take comments via mail or via
> that github thing:-)
>
> As and when the chairs think it's a good time to consider
> adoption, or incorporation into the ECH draft, or sending
> this somewhere else, I guess we can have that discussion.
>
> This format is supported by my OpenSSL fork [2] which has
> CLI tooling for making/consuming these and can be ingested
> by the various TLS servers (lighttpd, apache, nginx and
> haproxy) with which I've integrated that ECH-enabled build.
> (There're pointers to forks for those servers at [3].)
>
> I'll work on the well known url draft in the next while.
> It likely needs a bit more work than simple substitution.
>
> Cheers,
> S.
>
> [1] https://datatracker.ietf.org/doc/draft-farrell-tls-pemesni/
> [2] https://github.com/sftcd/openssl/tree/ECH-draft-13a
> [3] https://defo.ie/
> _______________________________________________
> TLS mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/tls
>
