curl/docs/ECH.md

136 lines
4.6 KiB
Markdown
Raw Normal View History

# TLS: ECH support in curl and libcurl
2019-06-04 22:53:02 +08:00
## Summary
**ECH** means **Encrypted Client Hello**, a TLS 1.3 extension which is
currently the subject of an [IETF Draft][tlsesni]. (ECH was formerly known as
ESNI).
2019-06-04 22:53:02 +08:00
This file is intended to show the latest current state of ECH support
2019-06-04 22:53:02 +08:00
in **curl** and **libcurl**.
At end of August 2019, an [experimental fork of curl][niallorcurl], built
using an [experimental fork of OpenSSL][sftcdopenssl], which in turn provided
an implementation of ECH, was demonstrated interoperating with a server
belonging to the [DEfO Project][defoproj].
2019-06-04 22:53:02 +08:00
Further sections here describe
- resources needed for building and demonstrating **curl** support
for ECH,
2019-06-04 22:53:02 +08:00
- progress to date,
- TODO items, and
- additional details of specific stages of the progress.
## Resources needed
To build and demonstrate ECH support in **curl** and/or **libcurl**,
2019-06-04 22:53:02 +08:00
you will need
- a TLS library, supported by **libcurl**, which implements ECH;
2019-06-04 22:53:02 +08:00
- an edition of **curl** and/or **libcurl** which supports the ECH
2019-06-04 22:53:02 +08:00
implementation of the chosen TLS library;
- an environment for building and running **curl**, and at least
building **OpenSSL**;
- a server, supporting ECH, against which to run a demonstration
2019-06-04 22:53:02 +08:00
and perhaps a specific target URL;
- some instructions.
The following set of resources is currently known to be available.
| Set | Component | Location | Remarks |
|:-----|:-------------|:------------------------------|:-------------------------------------------|
| DEfO | TLS library | [sftcd/openssl][sftcdopenssl] | Tag *esni-2019-08-30* avoids bleeding edge |
| | curl fork | [niallor/curl][niallorcurl] | Tag *esni-2019-08-30* likewise |
| | instructions | [ESNI-README][niallorreadme] | |
## Progress
### PR 4011 (Jun 2019) expected in curl release 7.67.0 (Oct 2019)
- Details [below](#pr4011);
- New configuration option: `--enable-ech`;
2019-06-04 22:53:02 +08:00
- Build-time check for availability of resources needed for ECH
2019-06-04 22:53:02 +08:00
support;
- Pre-processor symbol `USE_ECH` for conditional compilation of
ECH support code, subject to configuration option and
2019-06-04 22:53:02 +08:00
availability of needed resources.
## TODO
- (next PR) Add libcurl options to set ECH parameters.
2019-06-04 22:53:02 +08:00
- (next PR) Add curl tool command line options to set ECH parameters.
2019-06-04 22:53:02 +08:00
- (WIP) Extend DoH functions so that published ECH parameters can be
2019-06-04 22:53:02 +08:00
retrieved from DNS instead of being required as options.
- (WIP) Work with OpenSSL community to finalize ECH API.
2019-06-04 22:53:02 +08:00
- Track OpenSSL ECH API in libcurl
2019-06-04 22:53:02 +08:00
- Identify and implement any changes needed for CMake.
- Optimize build-time checking of available resources.
- Encourage ECH support work on other TLS/SSL backends.
2019-06-04 22:53:02 +08:00
## Additional detail
### PR 4011
**TLS: Provide ECH support framework for curl and libcurl**
2019-06-04 22:53:02 +08:00
The proposed change provides a framework to facilitate work to implement ECH
support in curl and libcurl. It is not intended either to provide ECH
functionality or to favour any particular TLS-providing backend. Specifically,
the change reserves a feature bit for ECH support (symbol
`CURL_VERSION_ECH`), implements setting and reporting of this bit, includes
dummy book-keeping for the symbol, adds a build-time configuration option
(`--enable-ech`), provides an extensible check for resources available to
provide ECH support, and defines a compiler pre-processor symbol (`USE_ECH`)
accordingly.
2019-06-04 22:53:02 +08:00
Proposed-by: @niallor (Niall O'Reilly)\
Encouraged-by: @sftcd (Stephen Farrell)\
2020-11-04 21:02:01 +08:00
See-also: [this message](https://curl.se/mail/lib-2019-05/0108.html)
2019-06-04 22:53:02 +08:00
Limitations:
- Book-keeping (symbols-in-versions) needs real release number, not 'DUMMY'.
- Framework is incomplete, as it covers autoconf, but not CMake.
- Check for available resources, although extensible, refers only to
specific work in progress ([described
here](https://github.com/sftcd/openssl/tree/master/esnistuff)) to
implement ECH for OpenSSL, as this is the immediate motivation
2019-06-04 22:53:02 +08:00
for the proposed change.
## References
2019-12-06 19:56:14 +08:00
Cloudflare blog: [Encrypting SNI: Fixing One of the Core Internet Bugs][corebug]
2019-06-04 22:53:02 +08:00
Cloudflare blog: [Encrypt it or lose it: how encrypted SNI works][esniworks]
IETF Draft: [Encrypted Server Name Indication for TLS 1.3][tlsesni]
---
[tlsesni]: https://datatracker.ietf.org/doc/draft-ietf-tls-esni/
[esniworks]: https://blog.cloudflare.com/encrypted-sni/
[corebug]: https://blog.cloudflare.com/esni/
[defoproj]: https://defo.ie/
[sftcdopenssl]: https://github.com/sftcd/openssl/
[niallorcurl]: https://github.com/niallor/curl/
[niallorreadme]: https://github.com/niallor/curl/blob/master/ESNI-README.md