Buy commercial curl support. We
help you work out your issues, debug your libcurl applications, use the API,
port to new platforms, add new features and more. With a team lead by the
curl founder Daniel himself.
Re: HTTPS RR in curl
- Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]
From: Stephen Farrell <stephen.farrell_at_cs.tcd.ie>
Date: Fri, 18 Apr 2025 17:24:44 +0100
Hiya,
On 17/04/2025 22:06, Daniel Stenberg via curl-library wrote:
>
> We have no ECH tests in the test suite so it is not unthinkable that we
> have broken it when we changed the HTTPS-RR logic recently.
Apologies again for not having gotten around to adding ECH
tests to the curl test harness. (That still seems complicated
due to the need for a local ECH-enabled server, but I do have
it on my list.)
Would it make sense in the meantime as a stop-gap to add a test
that checks whether ECH works with [1] and/or [2]?
We've had [1] working online for a few years now. [2] is more
recent (about 6 months old) but produces JSON that's more
easily checked. Neither will go away this year for sure, so
adding one or both could be useful as a temporary thing, but
of course there is a risk of generating false negatives if
I muck up DNS or the VM or something that might disturb other
people.
Cheers,
S.
[1] https://defo.ie/ech-check.php
[2] https://test.defo.ie/echstat.php?format=json
Received on 2025-04-18
Date: Fri, 18 Apr 2025 17:24:44 +0100
Hiya,
On 17/04/2025 22:06, Daniel Stenberg via curl-library wrote:
>
> We have no ECH tests in the test suite so it is not unthinkable that we
> have broken it when we changed the HTTPS-RR logic recently.
Apologies again for not having gotten around to adding ECH
tests to the curl test harness. (That still seems complicated
due to the need for a local ECH-enabled server, but I do have
it on my list.)
Would it make sense in the meantime as a stop-gap to add a test
that checks whether ECH works with [1] and/or [2]?
We've had [1] working online for a few years now. [2] is more
recent (about 6 months old) but produces JSON that's more
easily checked. Neither will go away this year for sure, so
adding one or both could be useful as a temporary thing, but
of course there is a risk of generating false negatives if
I muck up DNS or the VM or something that might disturb other
people.
Cheers,
S.
[1] https://defo.ie/ech-check.php
[2] https://test.defo.ie/echstat.php?format=json
-- Unsubscribe: https://lists.haxx.se/mailman/listinfo/curl-library Etiquette: https://curl.se/mail/etiquette.html
- application/pgp-signature attachment: OpenPGP digital signature