[TLS] ECH -09 interop

Christopher Wood <caw@heapingbits.net> Wed, 16 December 2020 18:06 UTC

Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/ZtLcWScp8u-7YkDEpZJrHm5low8>

Hi folks,

draft-ietf-tls-esni-09 is out. You may view the diff here:

   https://tools.ietf.org/rfcdiff?url2=draft-ietf-tls-esni-09.txt

It pins the latest version of HPKE (draft-07) that is about to enter IRSG review. Major HPKE implementations are already moving towards (or have moved to) draft-07. See the list of implementations on the draft repository for more information:

   https://github.com/cfrg/draft-irtf-cfrg-hpke

As discussed during the interim, we feel this is a suitable candidate to freeze and perform larger interop. We'd like to use this version to gain larger deployment experience. To help track interop, we borrowed and adapted the interop matrix from the QUIC WG. The spreadsheet is available from the ECH interop page, located here:

   https://github.com/tlswg/draft-ietf-tls-esni/wiki/Draft--09-Interop

Suggestions on additional features to test beyond the core ones listed are certainly welcome. If you have an implementation and would like to have it listed on the matrix, please either drop a comment on the spreadsheet, send the draft authors an email, or just share it on the list, and someone will add it.

Note that there are still a number of outstanding issues to resolve, particularly around HRR and the padding mechanism. Hopefully we can resolve these soon (before the next meeting?).

Thanks to everyone who contributed to this version of the spec. I look forward to seeing some ECH deployment!

Best,
Chris