Re: [TLS] ESNI/ECH: minor progress, much githubbery

Rob Sayre <sayrer@gmail.com> Tue, 29 September 2020 18:00 UTC

From: Rob Sayre <sayrer@gmail.com>
Date: Tue, 29 Sep 2020 10:59:52 -0700
Message-ID: <CAChr6SwaZwzRE3pV1eO19gmB2wsO9azuDks=hHZniJoMF0UzPw@mail.gmail.com>
To: Christopher Patton <cpatton@cloudflare.com>
Cc: "tls@ietf.org" <tls@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/WTkhtSWEzwJ2pGBzPpaM1GbPlVs>
Subject: Re: [TLS] ESNI/ECH: minor progress, much githubbery

On Tue, Sep 29, 2020 at 7:50 AM Christopher Patton <cpatton@cloudflare.com>
wrote:

> Hi Rob,
>
>
>> Are there OpenSSL / NSS / etc implementations others can work from?
>> Probably the best way to lock this in and ship is to write the code.
>>
>
> There are three implementations I'm aware of, all works in progress:
>
>    1. Cloudflare's prototype (written by me):
>    https://github.com/cloudflare/go/pull/30
>    2. boringSSL:
>    https://bugs.chromium.org/p/boringssl/issues/detail?id=275
>    3. NSS: https://bugzilla.mozilla.org/show_bug.cgi?id=1654332
>
> The first (1.) is nearly complete and undergoing review.
>

Great. I will work to get Rustls interoperating with it. The current
code[1] only implements draft -02.

thanks,
Rob

[1] https://github.com/ctz/rustls/pull/318