OpenSSL Conference

Encrypted ClientHello - lessons learned from trying to do something that was probably too complicated
2025-10-09, Prague / Technical Deep Dive & Innovation

Stephen has been implementing the Encrypted Client Hello (ECH) mechanism being developed in the IETF TLS working group and attempting to get code for that upstreamed into the library. The first part of that (HPKE) landed in late 2022 after an extended PR discussion. Remaining ECH functionality is even more complex and affects many parts of the TLS code and is in the process of being upstreamed into a feature branch. The talk will review some of the many reasons why attempting this turns out to be challenging, but will also argue that the project would be wise to strive to decrease the difficulty of (some but not all) activities like this.


Stephen Farrell is a research fellow in the School of Computer Science and Statistics at Trinity College Dublin, where he teaches and researches security and delay/disruption-tolerant networking (DTN); in 2006 he co-authored the first book on the latter topic. He is a co-founder of Tolerant Networks Limited, a TCD campus company. Tolerant Networks are currently funded by OTF to implement the draft Encrypted ClientHello (ECH) specification in the DEfO project.