Closed Bug 1494901 Opened 6 years ago Closed 4 years ago

Implement encrypted SNI

Categories

(NSS :: Libraries, enhancement, P1)

enhancement

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: ekr, Assigned: ekr)

References

(Depends on 1 open bug)

Details

Attachments

(1 file)

Updated to -00. Code not really ready, but ready for MT to take a first look at.
Comment on attachment 9012816 [details]
First cut at ESNI. draft-00. Interops with PicoTLS and CF BoringSSL

Martin Thomson [:mt:] has approved the revision.
Attachment #9012816 - Flags: review+
Depends on: 1495409
Depends on: 1495451
Assignee: nobody → ekr
Status: NEW → ASSIGNED
Priority: -- → P1
QA Contact: jjones

South Korean needs this feature to Release.

Now, South Korea started to block 'injurious site' even HTTPS, with SNI checking. So, considerable people uses Firefox Nightly to use ESNI; As you know, this is not good idea.

The Wikimedia Foundation will likely support it: https://phabricator.wikimedia.org/T205378
CloudFlare already does: https://www.cloudflare.com/ssl/encrypted-sni/

Blocks: 1590863

This patch landed in https://hg.mozilla.org/projects/nss/rev/a706ba3c4fa9522a75059657707ade5f59d3955f. Closing and linking a new bug to the meta for ECH.

Status: ASSIGNED → RESOLVED
Closed: 4 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.40
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Created:
Updated:
Size: