On Mon, Apr 5, 2021 at 10:02 AM Christopher Patton <cpatton= 40cloudflare....@dmarc.ietf.org> wrote:
> Hi list, just FYI that Cloudflare's test server is upgrading to > draft-ietf-tls-esni-10 this morning. It should finish rolling out in a few > hours. Note that we've dropped support for draft-ietf-tls-esni-09. > > The endpoint is https://crypto.cloudflare.com. You'll also find our ECH > config in the HTTPS resource record. > I've gotten a Rustls client to interoperate with this server, but I had some trouble triggering HRR, since Rustls always sends a key-exchange group in TLS 1.3. I managed to hack up a ClientHello and handshake with no initial key-exchange group, but perhaps it could be easier. It might be nice to have this server reject secp384r1 and offer X25519 in an HRR, or something like that. thanks, Rob
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
