[New-bugs-announce] [issue45567] Support TLS Encrypted ClientHello (ECH)

Hans-Christoph Steiner report at bugs.python.org
Fri Oct 22 04:59:46 EDT 2021


New submission from Hans-Christoph Steiner <hans at eds.org>:

The next version of the IETF-standardized TLS protocol is known as Encrypted ClientHello (ECH) [1], formerly known as Encrypted SNI (ESNI). This ticket collects information for ECH support, and tracks which APIs have to be added to Python in order to implement ECH in Python's ssl module. ECH is built on top of TLSv1.3 and completes the unfinished work from the TLSv1.3 effort. It is now in draft-13 and there are many implementations that are interoperating. ECH is working for openssl[2], boringssl[3], nginx, Apache HTTPD, lighttpd, HAProxy, Conscrypt[4], curl, and more. There is work underway in Firefox [5] and Chromium [6]. It has been sketched out for OkHTTP [7]. Early versions of the standard, known as ESNI, have been deployed in Firefox releases and some production web services. ECH works in conjunction with the new DNS RR Types HTTPS and SVCB [8]. This means that DNS needs to be handled a bit differently.

As far as I understand it, the ssl module has to gain additional features:

1. HTTPS/SVCB DNS queries for setting up a TLS connection with ECH.
2. A way to provide ECH Config Lists as bytes directly to ssl clients.
3. A callback that gets called whenever ECH negotiation fails and the server offers a "Retry Config".
4. A method to ensure encrypted DNS is used so all metadata is encrypted.

OpenSSL does not implement the necessary APIs yet. Stephen Farrell's development OpenSSL fork [9] implements ECH and has been used in Apache HTTPD, nginx, lighttpd, HAProxy, and curl implementations.

The TLS WG maintains a page with information about other implementations:
https://github.com/tlswg/draft-ietf-tls-esni/wiki/Implementations


[1] https://www.ietf.org/archive/id/draft-ietf-tls-esni-13.html
[2] https://github.com/openssl/openssl/issues/7482
[3] https://bugs.chromium.org/p/boringssl/issues/detail?id=275
[4] https://github.com/google/conscrypt/issues/730
[5] https://bugzilla.mozilla.org/show_bug.cgi?id=1725938
[6] https://bugs.chromium.org/p/chromium/issues/detail?id=1091403
[7] https://github.com/square/okhttp/issues/6539
[8] https://www.ietf.org/archive/id/draft-ietf-dnsop-svcb-https-07.html
[9] https://github.com/sftcd/openssl

----------
assignee: christian.heimes
components: SSL
messages: 404732
nosy: christian.heimes, eighthave
priority: normal
severity: normal
status: open
title: Support TLS Encrypted ClientHello (ECH)
type: enhancement

_______________________________________
Python tracker <report at bugs.python.org>
<https://bugs.python.org/issue45567>
_______________________________________
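Item 2 of the list above (passing an ECH Config List as bytes to a client) and the DNS side of item 1 both revolve around one wire structure: the ECHConfigList that draft-ietf-tls-esni-13 defines and that an HTTPS/SVCB record carries base64-encoded in its "ech" SvcParam. The following is an added example, not code from CPython, the ticket, or any of the ECH implementations listed; it builds a constructed ECHConfigList in-line (with a dummy 32-byte placeholder rather than a real X25519 public key), parses it back per the draft-13 layout, skips an entry with an unknown version via its length field as the draft requires of clients, and picks the first config whose KEM and cipher suite this hypothetical client supports. The supported-set constants, the dummy key and the builder helpers are assumptions made for the example.

```python
"""Parse and select from a TLS ECHConfigList (draft-ietf-tls-esni-13 layout).

Added example for this ticket; not CPython or any ECH library's own code.
"""
import struct
from dataclasses import dataclass

ECH_VERSION_DRAFT13 = 0xFE0D    # ECHConfig.version for draft-13
KEM_X25519_HKDF_SHA256 = 0x0020  # HPKE KEM id
KDF_HKDF_SHA256 = 0x0001         # HPKE KDF id
AEAD_AES_128_GCM = 0x0001        # HPKE AEAD id

# What this (hypothetical) client supports; an assumption for the example.
SUPPORTED_KEMS = {KEM_X25519_HKDF_SHA256}
SUPPORTED_SUITES = {(KDF_HKDF_SHA256, AEAD_AES_128_GCM)}


@dataclass
class ECHConfig:
    version: int
    config_id: int
    kem_id: int
    public_key: bytes
    cipher_suites: list        # [(kdf_id, aead_id), ...]
    maximum_name_length: int
    public_name: bytes
    extensions: bytes          # raw Extension vector, left unparsed here


def _read_vec(buf, pos, len_size):
    """Read a TLS length-prefixed vector; return (body, position after it)."""
    if pos + len_size > len(buf):
        raise ValueError("truncated length field")
    n = int.from_bytes(buf[pos:pos + len_size], "big")
    pos += len_size
    body = buf[pos:pos + n]
    if len(body) != n:
        raise ValueError("truncated vector")
    return body, pos + n


def _parse_contents(version, c):
    """Decode ECHConfigContents (HpkeKeyConfig + name/extension fields)."""
    config_id = c[0]
    kem_id = struct.unpack_from("!H", c, 1)[0]
    public_key, p = _read_vec(c, 3, 2)
    suites_raw, p = _read_vec(c, p, 2)
    if not suites_raw or len(suites_raw) % 4:
        raise ValueError("bad cipher_suites vector")
    suites = [struct.unpack_from("!HH", suites_raw, i)
              for i in range(0, len(suites_raw), 4)]
    maximum_name_length = c[p]
    public_name, p = _read_vec(c, p + 1, 1)
    if not public_name:
        raise ValueError("empty public_name")
    extensions, p = _read_vec(c, p, 2)
    if p != len(c):
        raise ValueError("trailing bytes in ECHConfig")
    return ECHConfig(version, config_id, kem_id, public_key, suites,
                     maximum_name_length, public_name, extensions)


def parse_ech_config_list(data: bytes):
    """Decode an ECHConfigList; entries with an unknown version are skipped
    (using the outer uint16 length) rather than rejected, as the draft says."""
    outer, pos = _read_vec(data, 0, 2)
    if pos != len(data) or not outer:
        raise ValueError("bad ECHConfigList framing")
    configs, pos = [], 0
    while pos < len(outer):
        version, length = struct.unpack_from("!HH", outer, pos)
        pos += 4
        contents = outer[pos:pos + length]
        if len(contents) != length:
            raise ValueError("truncated ECHConfig")
        pos += length
        if version == ECH_VERSION_DRAFT13:
            configs.append(_parse_contents(version, contents))
    return configs


def select_ech_config(configs):
    """First config with a supported KEM and suite, as (config, suite);
    None means the client cannot offer real ECH (it would send GREASE ECH)."""
    for cfg in configs:
        if cfg.kem_id in SUPPORTED_KEMS:
            for suite in cfg.cipher_suites:
                if suite in SUPPORTED_SUITES:
                    return cfg, suite
    return None


# --- constructed sample input (builder helpers are assumptions) ----------
def build_ech_config(version, config_id, kem_id, pubkey, suites, max_len, name):
    suites_raw = b"".join(struct.pack("!HH", k, a) for k, a in suites)
    contents = (bytes([config_id]) + struct.pack("!H", kem_id)
                + struct.pack("!H", len(pubkey)) + pubkey
                + struct.pack("!H", len(suites_raw)) + suites_raw
                + bytes([max_len, len(name)]) + name + struct.pack("!H", 0))
    return struct.pack("!HH", version, len(contents)) + contents


DUMMY_PUBKEY = bytes(range(32))   # placeholder only, NOT a real X25519 key
_ENTRIES = (
    build_ech_config(0xFE0E, 7, KEM_X25519_HKDF_SHA256, DUMMY_PUBKEY,
                     [(KDF_HKDF_SHA256, AEAD_AES_128_GCM)], 0, b"future.example")
    + build_ech_config(ECH_VERSION_DRAFT13, 42, KEM_X25519_HKDF_SHA256, DUMMY_PUBKEY,
                       [(0x0002, 0x0003), (KDF_HKDF_SHA256, AEAD_AES_128_GCM)],
                       0, b"public.example"))
SAMPLE_ECH_CONFIG_LIST = struct.pack("!H", len(_ENTRIES)) + _ENTRIES

if __name__ == "__main__":
    found = parse_ech_config_list(SAMPLE_ECH_CONFIG_LIST)
    print(len(found), "usable config(s);", "chosen:", select_ech_config(found))
```

The unknown-version entry in the sample is the case worth checking in any real implementation: a client that rejects the whole list on the first version it does not recognize loses ECH the day a server publishes a newer config alongside the current one, whereas a client that fails to bound each entry by its length field can be walked off the end of the buffer.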