[PATCH 1 of 2] SSL: Encrypted Client Hello (ECH) support
Maxim Dounin
mdounin at mdounin.ru
Tue Sep 9 14:18:23 UTC 2025
Hello!
On Tue, Sep 09, 2025 at 12:55:56PM +0100, Stephen Farrell wrote:
> Great to see that. I'll give it a try in a day or two (travelling
> at the moment). One initial question: the configuration directive
> you added differs from what we suggested for nginx and apache (we
> suggested a directive that names a directory of ECH PEM files), so I'm
> wondering if there was a specific reason to take that approach?
I personally don't think that a directory with files is a great
approach to managing keys, and rather prefer explicit
specification of which files to use as keys instead. In
particular, this approach makes it easier to check files provided
and complain if there are any issues, such as accidental
corruption. It also makes it possible to easily specify which
key(s) should be used for retries (currently the first one
specified; can be extended to an explicit flag if more than one
retry key will be needed).
Also, I don't think that more than 3 keys are actually needed
here, even considering automatic rotation (that is, current key,
next key, and previous key), and a directory for just 3 keys looks
like overkill to me.
Last but not least, the approach with explicitly specified keys is
in line with what [free]nginx already uses for TLS session ticket
keys (http://freenginx.org/r/ssl_session_ticket_key). Using the
same approach for Encrypted Client Hello keys is quite natural.
I believe I've previously suggested using this approach during
early review of your ECH patches.
[...]
--
Maxim Dounin
http://mdounin.ru/