Hiya,
On 05/04/2021 18:07, Stephen Farrell wrote:
Hiya, On 05/04/2021 18:01, Christopher Patton wrote:Hi list, just FYI that Cloudflare's test server is upgrading todraft-ietf-tls-esni-10 this morning. It should finish rolling out in a fewhours. Note that we've dropped support for draft-ietf-tls-esni-09. The endpoint is https://crypto.cloudflare.com. You'll also find our ECH config in the HTTPS resource record.Good stuff. I have a client that thinks it's ready to go but we'll see:-)
Well, surprisingly for me, that appears to have "just worked" with no change to my draft-10 clients (neither s_client nor curl). (In case it helps someone else...) Is there any way that the HTTP response content could differ if ECH succeeded or not? I'm seeing the same 302 response in either case I think but maybe there's some specific pathname or something that'd result in different HTTP responses? Thanks, S.
I also have an openssl s_server running on port 8410 at draft-10.esni.defo.ie with an ECHConfig published in the DNS for that. It's probably v. fragile, so likely best to contact me if playing with it. That works with my draft-10 openssl s_client and with a build of curl using my fork of the openssl library. Cheers, S.Best, Chris P. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
OpenPGP_0x5AB2FAF17B172BEA.asc
Description: application/pgp-keys
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
