
Support for Encrypted ClientHello (ECH) #3905

Closed
eike0 opened this issue Jun 16, 2023 · 7 comments

Comments

@eike0

eike0 commented Jun 16, 2023

Hi, I need ECH when connecting to a QUIC server.
I know it is a draft, but is there any plan for implementing it?
If I want to implement it myself, where should I start? (I'm pretty much a noob in Go.)

marten-seemann changed the title from "Support for encrypted client hello" to "Support for Encrypted ClientHello (ECH)" on Jun 21, 2023
@marten-seemann
Member

I'm surprised you're saying that you need it. I'm not aware of any ECH deployments on QUIC at this point. Which server are you trying to connect to?

I agree that this would be valuable to have. This will require a TLS stack that supports ECH. As we're switching to crypto/tls with the Go 1.21 release, ECH would need to be implemented by the standard library. This will most likely (at the very least) require the draft to be published as an RFC, so realistically speaking, we won't be able to support ECH for a year or so.

@eike0
Author

eike0 commented Jun 21, 2023

Unfortunately, no open-source server currently supports it in its stable version, but there are some ECH implementations here: defo.ie.
I plan on using Cloudflare, which currently supports it.

Sounds like I would need to implement it in your fork of crypto/tls. I don't know how, but I'm going to try.

@marten-seemann
Member

Please don’t. This fork is going to be removed within a couple of weeks. quic-go will only rely on crypto/tls, no more forks necessary.

@eike0
Author

eike0 commented Jun 21, 2023

Thanks for the warning. Assuming Go 1.21 releases, can I fork crypto/tls from there and implement ECH on that?

@nekohasekai
Contributor

I've made a tested fork of quic-go that supports ECH. ECH support is extracted from crypto/tls in cloudflare/go.

Source: https://github.com/SagerNet/quic-go/commits/dev

Usage: SagerNet/sing-box@638c209

@marten-seemann
Member

There seems to be some progress on the standard library side, albeit only on the client side: golang/go#63369 (comment)

@marten-seemann
Member

I'm going to close this issue, since this is now purely a crypto/tls issue. With golang/go#63369, crypto/tls would gain client-side ECH support. No changes to quic-go will be needed for that.

Similarly, if / when the standard library decides to add server-side ECH support, it is expected that no changes to quic-go will be needed either. Therefore, this issue is not actionable (in quic-go).
