Re: [TLS] ECH-10 interop test server

Stephen Farrell <stephen.farrell@cs.tcd.ie> Mon, 05 April 2021 17:07 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1116A3A2009 for <tls@ietfa.amsl.com>; Mon, 5 Apr 2021 10:07:21 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, MSGID_FROM_MTA_HEADER=0.001, NICE_REPLY_A=-0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=tcdud.onmicrosoft.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2-SkWBcexUo4 for <tls@ietfa.amsl.com>; Mon, 5 Apr 2021 10:07:16 -0700 (PDT)
Received: from EUR02-AM5-obe.outbound.protection.outlook.com (mail-eopbgr00102.outbound.protection.outlook.com [40.107.0.102]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 137F13A2005 for <tls@ietf.org>; Mon, 5 Apr 2021 10:07:15 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=juHNj+WiadCQLcF1GdUIengVNTKBHKi+8+vsq2RTFDkXcLqi+ZVdZOrJgIgE+K/t7z+Ow5byyhaXFlIAnRvVT7dCQ75dCYCFzCIuAcnnVMM0RFdXMqru69HbfXtMC68xsi5wOluraUDNMk1tytEyTHEpHnUDwF2f5APxdDv3sZ6zS3PRdDEPR2Ui7uwBWeF5L/6RjFeFu62p60biaHUrcZvlUuLxThSC/PQrH8+UM+9Tnd18UQiRHHQkB2W95QqVp9s+raDIUlsWPS+fuKkMz0wBTN6TTQfnX/1QpKyn9zLLajcQVk8jLNWa7nTzWrVmfuCpC5g77HUwLU+wF07IMw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=5y9wVCQqiVVVbmcwqNZ4L7u4toyyadhFnLUe5oz43oQ=; b=flCwzJjZCr22LfRWmqgRXfqgX78+EUxJANWipXc/I6oxga4yFojhWb8oTLrxbEsGtCW/dhq7zN4dDWuqoSMMgFrox40Uk1+rpbiwhcpR+lYe4x/njUgR1oMTcrCA9yMYQZ9Vg+EaKwQ2oYHSTWtgffhFP+lgjWX2krxRjgdPbrrAXZao8aWd0stwC1gAp4ko8AcUWgS8HEMGH8vZtLxfCvUGoNbphC77BCR1rKC5ILnMJMTGd1SBi7lHyR/7I1gK8hu8UR2WTLlbrppXFtk+/b2u3kH1Y1zUB+nQ4HOTBFNcRfic4r94bTi3feJGU5prge/t8RDkQGXoMrAt1ixCvA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cs.tcd.ie; dmarc=pass action=none header.from=cs.tcd.ie; dkim=pass header.d=cs.tcd.ie; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=TCDUD.onmicrosoft.com; s=selector1-TCDUD-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=5y9wVCQqiVVVbmcwqNZ4L7u4toyyadhFnLUe5oz43oQ=; b=c8vEbTEHnKNXfpi5BassHtPFgHFlgOG/A+/fn+hiHBzbrhNV+bAc3Q1xDqEYeqXck0ksxSjkdxu0I0MrJSz9WSJi0GoZlWFoRVAIyCoV/nPlKU+cZzIlw6xCq/UmWQadgHLvfztZ8vCzqC1k24Swg6fsQaR9jxgfSjkFnPFzuVg=
Authentication-Results: ietf.org; dkim=none (message not signed) header.d=none;ietf.org; dmarc=none action=none header.from=cs.tcd.ie;
Received: from DB7PR02MB5113.eurprd02.prod.outlook.com (2603:10a6:10:77::15) by DB7PR02MB4123.eurprd02.prod.outlook.com (2603:10a6:10:41::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3999.26; Mon, 5 Apr 2021 17:07:12 +0000
Received: from DB7PR02MB5113.eurprd02.prod.outlook.com ([fe80::2d8d:9193:d3f3:6cc6]) by DB7PR02MB5113.eurprd02.prod.outlook.com ([fe80::2d8d:9193:d3f3:6cc6%5]) with mapi id 15.20.3999.032; Mon, 5 Apr 2021 17:07:12 +0000
To: Christopher Patton <cpatton=40cloudflare.com@dmarc.ietf.org>, tls@ietf.org
References: <CAG2Zi23mtGwmpNSvUigOdph8y05MvWV_uGm8H0W=vbRFdZ6euw@mail.gmail.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Message-ID: <0069a206-7ca9-e79c-42ae-f2c7633bcc7d@cs.tcd.ie>
Date: Mon, 5 Apr 2021 18:07:09 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.7.1
In-Reply-To: <CAG2Zi23mtGwmpNSvUigOdph8y05MvWV_uGm8H0W=vbRFdZ6euw@mail.gmail.com>
Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="o7RH4i8dyjTcg4uSeru3RsqfVCFCTR7qH"
X-Originating-IP: [2001:bb6:5e5e:b458:5609:fb55:85c2:d9ca]
X-ClientProxiedBy: DB6PR0202CA0026.eurprd02.prod.outlook.com (2603:10a6:4:a5::12) To DB7PR02MB5113.eurprd02.prod.outlook.com (2603:10a6:10:77::15)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
Received: from [IPv6:2001:bb6:5e5e:b458:5609:fb55:85c2:d9ca] (2001:bb6:5e5e:b458:5609:fb55:85c2:d9ca) by DB6PR0202CA0026.eurprd02.prod.outlook.com (2603:10a6:4:a5::12) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3999.28 via Frontend Transport; Mon, 5 Apr 2021 17:07:12 +0000
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: dc948013-4d98-4d3b-be55-08d8f8554131
X-MS-TrafficTypeDiagnostic: DB7PR02MB4123:
X-MS-Exchange-SharedMailbox-RoutingAgent-Processed: True
X-Microsoft-Antispam-PRVS: <DB7PR02MB41237334D4E00D5B847E5FA7A8779@DB7PR02MB4123.eurprd02.prod.outlook.com>
X-TCD-Routed-via-EOP: Routed via EOP
X-TCD-ROUTED: Passed-Transport-Routing-Rules
X-MS-Oob-TLC-OOBClassifiers: OLM:193;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: gVUIDrqZP9oT805rC/VZoqiQNRszSQdSPwIqWDIYUTNgNiS6rITuLFLZsGXgFFHON20V0mXcme2D5lp9fEhcrq9TMNhzVjDS3yhL1Qw76/fDsk+5IYY0zJqgR5vULXpXT9+N1udNgMGEm3rP+HHbcoYou8ha4eQC7yK+FpZVJu2bi2oJ0cVIqgX1uNwBisz9IRXIIHbjEXnvC3GRIREZvxE8DpPbWkVvCmZBqDNF6D8IyfPy/sOTBGiFUBudF1lYBDSDuCaAAeyP1vMkJjLR6csObHjxH0e+H3FLxG2ScUXH7TEvXYXEW0UR48UlENbtAWXQUHhRs+vBEgM1OFDlkH2EIgdLjGv6w7U9ftN4mTO2mK1ba8rhb/+D+783fmj/7mJekWBzdCAvXM1rz9r0JoIcMzVv3PAApttkl5ohdXrKo3Y9Qq2Ql0KVcZ6V96qpfNwE2IIezIrH4ZRMd0/lIezmm23oYMX3k62LdS4Qe27Edk5zFIE5PIrP0XtqWNadYMTzYEMgMMlv3gMON1be2ezDWjxSnau9iUbuDxnzBbrwFm8ZHghijbJj7doZ2oqYYzLqq2AAITCQN5IPrAFcRn8EP4lob/jJCKwvEULa0oOK9CdsTxKYR0i7Bg5iBzHF/hnwG8dUDDoPwTLdSqqsK4N1Uzq4IThtqkW+2CLGl061wKwTm40rb4u6WhDTi9YKaeL30l23CERazIAom73t8sIxPTzSNHgnU3GhzgLLXaEjoHtx6HPcJZgT/Aq0tBhzrZ55gwLRG0QP/yWXChaVPF2ARcNEF4GuqRnoGaCoMMg=
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB7PR02MB5113.eurprd02.prod.outlook.com; PTR:; CAT:NONE; SFS:(4636009)(396003)(366004)(39850400004)(346002)(136003)(376002)(2616005)(235185007)(316002)(786003)(86362001)(6486002)(5660300002)(66476007)(8676002)(66946007)(66616009)(83380400001)(21480400003)(66556008)(966005)(478600001)(31686004)(53546011)(186003)(16526019)(44832011)(6666004)(38100700001)(52116002)(36756003)(33964004)(31696002)(2906002)(8936002)(43740500002)(45980500001); DIR:OUT; SFP:1102;
X-MS-Exchange-AntiSpam-MessageData: =?utf-8?B?a2JBR3REUEhRZS9xVDM3dThyL0VEREovOGxNNXBUNTg1MXg4K21XUWdJK242?= =?utf-8?B?azQ5ZEVTQTlvWDNCRko1ZytBdVMwVUh6c0grbDM2SEZ6SDZXbVN4eldxQmtx?= =?utf-8?B?RWhMN3VTeDhMcGl6S0twWFMwTHJURGNGU2VKb3FsS05kYlJwWUFEWk15NHMy?= =?utf-8?B?Wnl6NjhNZzZMcmhTZmUyWC9IeGhHWG9zUXFkSnc2QWV5YUZXNGo0MDErQmUz?= =?utf-8?B?OVlQUmtwaTFPWGw5dFA2aHREMTdLSEUvMjluVzBmaGdMWTVac0luR1NDSTFj?= =?utf-8?B?M1hkWXl4NEZNT1hMQXFWdVNlZHJSZEl4QUpRcW9PQktzRlBlOG1JdW1oUWhy?= =?utf-8?B?U3hTZzJQeGZGRG9nTFQrRFdsR1hyTW9ieXVzMjZpaldPdDQyNTNJZDEzUFRG?= =?utf-8?B?MTB1MGRqakdOWDFpU2huNmtab1I1TzdCOHFpTy8zSWJzK2gxWXU0QTVpZXVx?= =?utf-8?B?RGV6NjZpTTIwWmNObHZNU1haNTNaQU5lWFc2eGptV1F2eithdmFkbVVGY3VX?= =?utf-8?B?Sjh1Vm5LOG40ZWhJcGRqOWlUeGEwajVlR0FaQjJMNEFoRG1EdkVXdlZGcEd4?= =?utf-8?B?NUlYTFQ0d0krWFZoZlZpR280WWNVL0JYdFgrbnBJb09pQ2xIbEl4eGRzSzgx?= =?utf-8?B?bGFUQ1RrTWtXeGl0R3locFkwUStkTGtCY0ladE5oTFRaMHh0UlBzK1NBOHMw?= =?utf-8?B?VmZBLzA3QjRaWS9QU092TWZxdHFPMnNZRGhvbjJWa3BHSHJPbFVYZXhrbFJU?= =?utf-8?B?blk1Mmt1MmVPVTl6MGhMeWJHSkozMGNlazVyWFF6ZmRxTmNjQjhxUW5pTWVP?= =?utf-8?B?aHQyWWNLNjJOck5wWTZkUHd1N3ZLOEF0OUNDRW9XRDArRTV3SHlNbTJHZFc0?= =?utf-8?B?SmJuelZ0YVJQeTY0U0UzWkQyRU1nTVM0TFNsai9Hc2JrTjZ0bG1LbjBUbWVO?= =?utf-8?B?eStsR0t4YkozM2pKN1FTWWpIRFh2cktWbS9hUis3aDBkN2JsNVdWUWNEOWpK?= =?utf-8?B?enFvQW0vZGNuZ1U2dU5WVk1xYm5WYW9yNjEzb1BuL2RkSS9jYnMwMEpYVWYv?= =?utf-8?B?WHRQZW5WUkp3L0pYMXY3TElvUU9NMWExR09NbnlHd0RRZ0xubng3dHcranhU?= =?utf-8?B?VkFRMUFlbFpaWFQzSjFSR1MyRDlXakNIQ0k2VXZDQ3d0eEJoc0tiaUxERnRh?= =?utf-8?B?VEM0eFFyeXl1R2xHQ3ZGM0RxR2hNZjkxSW9GdkE4VjlpcFkvaklWVUpRclVs?= =?utf-8?B?eU5SUHdRMFVlN204NjhFK1U2ZFRxTEpFSFAwQk0zTTAyQ0lTVTN4MTdqSGhY?= =?utf-8?B?Nlp0K2ZSS09rS3FvVldXY1ZuZmUxdVYrL05jamY2aXl0bGpyOGkrSkgzTTlu?= =?utf-8?B?Um5vVEcyb3hsU2trSnNKcWdHdDF4RUZYU3kvRWZoZEJCSU40OENzUlN1UVRX?= =?utf-8?B?U0ZqYW1ISjVmUEZCTXp0NFZlSmJmaTFMTlozcmwvSUxlSWpBRnhXYm05b2ZM?= =?utf-8?B?MEZreW5tTTFhcDQzam1RMGROVU9ndFpuRmk2ZDVBQWRRQlZFZFQrU3RRdnIv?= =?utf-8?B?N0ZBcVJNZHNPYWZ1Y3lDNWpSL1FWeGZZOHQybk9wVDNnMlBRbFhaY1hGaW1s?= =?utf-8?B?dG5IMTFVZkJEWDZOam9ucGZCQm1rbnc2YitjOW9XNFgvTjhsTWpuRWVwRVdC?= =?utf-8?B?WUFBR2UyVEpBVW91VklTa3lMMjF4TmlRRkR6UURabGJzVUtrbEg4bnRRVTFM?= =?utf-8?B?MTNzcXlRSzU3NFdLRWlWWXhUVzNDWTJvaGVUZWdiS3FEVVJ6dnlQZUdVV1Qr?= =?utf-8?B?bmNOai9lSmVZaFpib0wxM3J4VjZrK20xYnk2V3V0U0dqTzhlWk9wc25BaU1j?= =?utf-8?Q?zDYABFbDdF5Gx?=
X-OriginatorOrg: cs.tcd.ie
X-MS-Exchange-CrossTenant-Network-Message-Id: dc948013-4d98-4d3b-be55-08d8f8554131
X-MS-Exchange-CrossTenant-AuthSource: DB7PR02MB5113.eurprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 05 Apr 2021 17:07:12.6380 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: d595be8d-b306-45f4-8064-9e5b82fbe52b
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: h9/m6jgxDsdAB35bsuIp1uZdQdb6zu6iRd7f8GEnh5M44Zq0KBOEiXJYNI+f+53k
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DB7PR02MB4123
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/O6H9JYHJLh2whRX-z_0BqWkqFSs>
Subject: Re: [TLS] ECH-10 interop test server
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 05 Apr 2021 17:07:21 -0000

Hiya,

On 05/04/2021 18:01, Christopher Patton wrote:
> Hi list, just FYI that Cloudflare's test server is upgrading to
> draft-ietf-tls-esni-10 this morning. It should finish rolling out in a few
> hours. Note that we've dropped support for draft-ietf-tls-esni-09.
> 
> The endpoint is https://crypto.cloudflare.com. You'll also find our ECH
> config in the HTTPS resource record.

Good stuff. I have a client that thinks it's ready to go but
we'll see:-)

I also have an openssl s_server running on port 8410 at
draft-10.esni.defo.ie with an ECHConfig published in the DNS
for that. It's probably v. fragile, so likely best to contact
me if playing with it. That works with my draft-10 openssl
s_client and with a build of curl using my fork of the
openssl library.

Cheers,
S.

> 
> Best,
> Chris P.
> 
> 
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>