
Questions about ECH support

Open stratself opened this issue 3 months ago • 2 comments

Hi, I'd like to set up a Caddy-l4 server to accept ECH, and do SNI/QUIC-SNI routing based on the decrypted Inner ClientHello without terminating TLS. I believe this makes Caddy-l4 act as a client-facing server in the Split Mode topology of the draft spec.

I'd like to ask: could it be some day supported in Caddy-L4?

I guess this would probably involve reading SNI matchers for the anonymity set, and removing cert management entirely from Caddy-L4's side. Though I'm not qualified to speak of implementation details.

Please let me know if this can be possible; thanks in advance.


~~Further thoughts (just leaving them here if that's okay):~~ redacted because they're rubbish

stratself avatar Sep 03 '25 11:09 stratself

Hmm, this might be possible, but I am not sure how this would work, since the Go standard library does the ECH decryption, and those methods are unexported. Probably lots of copy-pasting 😬

mholt avatar Sep 05 '25 18:09 mholt

There's also a Cloudflare library that can help, but it's for HPKE so it's lower-level: https://github.com/cloudflare/circl/tree/main/hpke

This library could also be interesting, possibly higher-level: https://pkg.go.dev/github.com/c2FmZQ/ech

mholt avatar Sep 05 '25 18:09 mholt
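An added example in Go (not code from the caddy-l4 project or from either participant in this thread) showing what a layer-4 router can observe on a connection carrying ECH before any decryption takes place: it parses the outer ClientHello, extracts the outer SNI (the public name of the client-facing server) and reports whether the encrypted_client_hello extension (codepoint 0xfe0d) is present. The inner ClientHello, and with it the real server name, stays opaque without the HPKE private key, which is why routing on the inner name needs the decryption step discussed above. The sample ClientHello bytes are constructed inside the block; the ECH extension payload is an opaque placeholder, not a real HPKE ciphertext, and a single-record ClientHello is assumed.

```go
package main

import (
	"encoding/binary"
	"errors"
	"fmt"
)

const (
	extServerName = 0x0000 // server_name, RFC 6066
	extECH        = 0xfe0d // encrypted_client_hello, draft-ietf-tls-esni codepoint
)

// ClientHelloInfo is everything a layer-4 router sees before decryption:
// the outer SNI and whether the hello carries an ECH extension at all.
type ClientHelloInfo struct {
	OuterSNI string
	HasECH   bool
}

// ParseClientHello walks one TLS record containing a ClientHello handshake
// message and returns the outer SNI plus an ECH-present flag. It never
// touches the encrypted payload; it only needs the extension type.
func ParseClientHello(record []byte) (ClientHelloInfo, error) {
	var info ClientHelloInfo
	if len(record) < 5 || record[0] != 0x16 {
		return info, errors.New("not a TLS handshake record")
	}
	recLen := int(binary.BigEndian.Uint16(record[3:5]))
	if len(record) < 5+recLen {
		return info, errors.New("truncated record")
	}
	hs := record[5 : 5+recLen]
	if len(hs) < 4 || hs[0] != 0x01 {
		return info, errors.New("not a ClientHello")
	}
	hsLen := int(hs[1])<<16 | int(hs[2])<<8 | int(hs[3])
	body := hs[4:]
	if len(body) < hsLen || hsLen < 34 {
		return info, errors.New("truncated ClientHello")
	}
	p := body[34:hsLen] // skip legacy_version (2) and random (32)
	skip := func(n int) error {
		if len(p) < n {
			return errors.New("truncated ClientHello")
		}
		p = p[n:]
		return nil
	}
	// legacy_session_id<0..32>, cipher_suites<2..2^16-2>, compression_methods<1..2^8-1>
	if err := skip(1 + int(p[0])); err != nil {
		return info, err
	}
	if len(p) < 2 {
		return info, errors.New("truncated ClientHello")
	}
	if err := skip(2 + int(binary.BigEndian.Uint16(p))); err != nil {
		return info, err
	}
	if len(p) < 1 {
		return info, errors.New("truncated ClientHello")
	}
	if err := skip(1 + int(p[0])); err != nil {
		return info, err
	}
	if len(p) == 0 {
		return info, nil // no extensions (TLS 1.2 style hello)
	}
	if len(p) < 2 {
		return info, errors.New("truncated extensions")
	}
	extLen := int(binary.BigEndian.Uint16(p))
	p = p[2:]
	if len(p) < extLen {
		return info, errors.New("truncated extensions")
	}
	p = p[:extLen]
	for len(p) >= 4 {
		typ := binary.BigEndian.Uint16(p)
		l := int(binary.BigEndian.Uint16(p[2:]))
		p = p[4:]
		if len(p) < l {
			return info, errors.New("truncated extension body")
		}
		data := p[:l]
		p = p[l:]
		switch typ {
		case extServerName:
			name, err := parseSNI(data)
			if err != nil {
				return info, err
			}
			info.OuterSNI = name
		case extECH:
			info.HasECH = true // payload is HPKE ciphertext; opaque without the key
		}
	}
	if len(p) != 0 {
		return info, errors.New("trailing bytes in extensions")
	}
	return info, nil
}

// parseSNI returns the first host_name entry of a ServerNameList.
func parseSNI(data []byte) (string, error) {
	if len(data) < 2 {
		return "", errors.New("short server_name extension")
	}
	listLen := int(binary.BigEndian.Uint16(data))
	data = data[2:]
	if len(data) < listLen {
		return "", errors.New("truncated server_name list")
	}
	data = data[:listLen]
	for len(data) >= 3 {
		typ := data[0]
		l := int(binary.BigEndian.Uint16(data[1:]))
		data = data[3:]
		if len(data) < l {
			return "", errors.New("truncated server_name entry")
		}
		if typ == 0 {
			return string(data[:l]), nil
		}
		data = data[l:]
	}
	return "", errors.New("no host_name entry")
}

func be16(v int) []byte { return []byte{byte(v >> 8), byte(v)} }

// BuildClientHello constructs a minimal TLS 1.3-style ClientHello record with a
// server_name extension and, optionally, an opaque ECH extension. This is
// constructed sample data for the example, not a capture.
func BuildClientHello(sni string, withECH bool) []byte {
	host := []byte(sni)
	entry := append([]byte{0}, be16(len(host))...)
	entry = append(entry, host...)
	list := append(be16(len(entry)), entry...)
	exts := append(be16(extServerName), be16(len(list))...)
	exts = append(exts, list...)
	if withECH {
		payload := []byte{0x00, 0x00, 0x01, 0x00, 0x01, 0x00} // placeholder, not real HPKE output
		exts = append(exts, be16(extECH)...)
		exts = append(exts, be16(len(payload))...)
		exts = append(exts, payload...)
	}
	body := []byte{0x03, 0x03}                // legacy_version
	body = append(body, make([]byte, 32)...) // random (zeros in the sample)
	body = append(body, 0)                   // empty legacy_session_id
	body = append(body, be16(2)...)          // cipher_suites length
	body = append(body, 0x13, 0x01)          // TLS_AES_128_GCM_SHA256
	body = append(body, 1, 0)                // compression_methods: null
	body = append(body, be16(len(exts))...)
	body = append(body, exts...)
	hs := append([]byte{0x01, byte(len(body) >> 16), byte(len(body) >> 8), byte(len(body))}, body...)
	rec := append([]byte{0x16, 0x03, 0x01}, be16(len(hs))...)
	return append(rec, hs...)
}

func main() {
	info, err := ParseClientHello(BuildClientHello("public.example", true))
	if err != nil {
		panic(err)
	}
	fmt.Printf("outer SNI=%q ech=%v\n", info.OuterSNI, info.HasECH)
}
```

With ECH in use, `OuterSNI` is the shared public name of the anonymity set, so an SNI matcher on the outer hello can only pick the ECH-capable backend group, never the individual inner host; that split is exactly what the proposed "decrypt, then route on the inner SNI" mode would have to add.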