sftcd
sftcd
> ``` > curl --ech true --doh-url https://1.0.0.1/dns-query https://crypto.cloudflare.com/cdn-cgi/trace -v > > ...... > curl will not fall back to no ech when connection fails Odd. ECH should work for...
> This is not a problem with boringssl, cloudflare network rejects ech when using warp. Ah - didn't know that. Any more info on it? So in this case, the...
> > Any more info on it? > > No, cloudflare doesn't publicly document this behavior, I'm guessing because it's already on the cloudflare intranet, ech is pointless. You can...
So if GREASE'd ECH is working, that implies it's not blocking on the existence of an ECH extension in the client hello. Speculating, it could be that however CF have...
> I think we can merge this as a first take once these minor nits are fixed. This is still **experimental** so we do not guarantee functionality or ABI/API compatibility,...
Just checked using wireshark, and it looks like the same issue arises when accessing https://tls-ech.dev which is another ECH test server operated by someone else and not using my code....
I'll take a look at it again this evening. Thanks for being so responsive too btw!
Hiya, I tried that out locally, but it didn't work for HRR first time out. Probably no surprise if you've not been able to test much. I'll look some more...
I had a look at that in wireshark and vs. a localhost server and unless I've gotten my build wrong, it looks like that version is still setting the ``enc``...
BTW @jpbland1 if it's useful to do a call to chat about this just ping me by email and we can find a slot