Closed cjpatton closed 3 years ago
FWIW, my preference would be to quit after one connection attempt. This avoids the need to manage complexity we don't need right now.
FWIW, my preference would be to quit after one connection attempt. This avoids the need to manage complexity we don't need right now.
I concur. I think we can adequately test this feature with only a single connection. (Check for the alert, as you suggest, and check that the retry config is sent.) If we need to handle more than one connection for other use cases, we can revisit this in the future.
In that spirit, we have the following TODOs:
I'll work on PRs for these this week.
This is done!
We will soon want to add a test case for exercising the rejection codepath for ECH. In this setting, the client offers the ECH extension encrypted using a configuration the server doesn't recognize. In this case, the server terminates the connection with a fallback certificate --- the "client-facing" certificate, in ECH parlance --- and transmits an acceptable ECH config in its EncryptedExtensions message. The client is then expected to abort the connection with an "ech_required" alert and retry the connection with the new configuration.
This test case raises questions that we haven't fully addressed.