Hi.

Work I was involved in to add ESNI support to libcurl
was suspended quite a number of months ago as the
IETF TLS WG decided on, and since specified, a different
approach.  After dealing with some other distractions,
I expect to pick this up again soonish, but most likely
not before the new year.

Here is a summary of the new situation.

- ESNI is no longer an independent feature,
  but an element of Encrypted Client Hello (ECHO);

- SVCB and HTTPS records have been introduced in the DNS
  for binding (alternative sets of) service parameters
  to a hostname;

- To support ECHO, an application will need to look
  for SVCB or HTTPS RRs, not just A and AAAA RRs;

- POSIX getaddrinfo() only provides data from A and AAAA RRs,
  so will no longer be adequate.

For those who are interested, here is a link to a presentation
explaining the SVCB and HTTPS resource records, which was
given at an interim virtual meeting of the RIPE DNS Working Group
early in October; it has only recently become available on the
RIPE website.

https://www.ripe.net/participate/ripe/wg/active-wg/dns/remote-sessions/svcb_https_-ripe-2020.pdf

Best regards,

Niall O’Reilly
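
An added example, not part of the original message and not curl code: a minimal parser for the RDATA of one SVCB or HTTPS record, the data an application has to fetch itself because getaddrinfo() does not return it. It assumes the RDATA was already obtained by a separate DNS query and that the wire layout and SvcParamKey numbers (3 = port, 5 = ech) are those of RFC 9460, which was published after this message; `svcb_info`, `svcb_parse` and `SAMPLE` are hypothetical names.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

struct svcb_info {
    uint16_t priority;   /* 0 = AliasMode, otherwise ServiceMode */
    uint16_t port;       /* SvcParamKey 3 (port); 0 if absent */
    const uint8_t *ech;  /* SvcParamKey 5 (ech) value; NULL if absent */
    size_t ech_len;
};

/* Parse SVCB/HTTPS RDATA in wire format. Returns 0, or -1 if malformed.
   out->ech points into rd, so rd must outlive the result. */
int svcb_parse(const uint8_t *rd, size_t len, struct svcb_info *out)
{
    size_t i = 2;
    int prev = -1;
    if (len < 3) return -1;
    out->priority = (uint16_t)(rd[0] << 8 | rd[1]);
    out->port = 0; out->ech = NULL; out->ech_len = 0;
    for (;;) {                       /* TargetName: uncompressed labels */
        if (i >= len) return -1;
        uint8_t l = rd[i++];
        if (l == 0) break;           /* root label ends the name */
        if (l > 63 || l > len - i) return -1;
        i += l;
    }
    while (i < len) {                /* SvcParams: key(2) len(2) value */
        if (len - i < 4) return -1;
        int key = rd[i] << 8 | rd[i + 1];
        size_t vlen = (size_t)(rd[i + 2] << 8 | rd[i + 3]);
        i += 4;
        if (key <= prev || vlen > len - i) return -1; /* keys must ascend */
        if (key == 3) { if (vlen != 2) return -1; out->port = (uint16_t)(rd[i] << 8 | rd[i + 1]); }
        if (key == 5) { out->ech = rd + i; out->ech_len = vlen; }
        prev = key;
        i += vlen;
    }
    return 0;
}
/* Constructed sample: priority 1, target ".", alpn=h2, port=8443,
   ech = 4 placeholder bytes (not a real ECHConfigList). */
static const uint8_t SAMPLE[] = {
    0x00,0x01, 0x00, 0x00,0x01,0x00,0x03,0x02,'h','2',
    0x00,0x03,0x00,0x02,0x20,0xFB, 0x00,0x05,0x00,0x04,0xDE,0xAD,0xBE,0xEF };

int main(void)
{
    struct svcb_info s;
    int rc = svcb_parse(SAMPLE, sizeof SAMPLE, &s);
    if (rc == 0) printf("priority=%u port=%u ech_len=%zu\n", s.priority, s.port, s.ech_len);
    return rc != 0;
}
```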
