On Thu, Jun 01, 2023 at 02:15:57PM +0200, Aleksandar Lazic wrote: > Hi, > > As we have now a shiny new LTS let's take a look into the future :-) > > As the Wolfssl looks like a good future alternative for OpenSSL is there > any plan to add ECH (Encrypted client hello) ( > https://github.com/haproxy/haproxy/issues/1924 ) into Wolfssl? > > Is there any Idea which feature is planed to be added by HAProxy Company > from the feature requests > https://github.com/haproxy/haproxy/labels/type%3A%20feature ? > > Regards > Alex >
As far as I know ECH is still a draft and was not release yet, it looks like it was already integrated in wolfssl though: https://www.wolfssl.com/encrypted-client-hello-ech-now-supported-wolfssl/ But since the RFC is not released yet their implementation would probably change. But this won't probably not be usable for HAProxy since we are using the OpenSSL compatiblity layer. If you want to discuss this, please continue on the haproxy github ticket or we will again split the discussion between multiple support.. -- William Lallemand
