[issue45567] Support TLS Encrypted ClientHello (ECH)

2021-11-02 Thread Hans-Christoph Steiner
Hans-Christoph Steiner added the comment: I agree with all you say, but I think it is important to not rule out handling HTTPS/SVCB DNS here. It can happen at a later stage though. What you propose works great for the first step. If handling the DNS is punted to some external library, that

[issue45567] Support TLS Encrypted ClientHello (ECH)

2021-10-22 Thread Christian Heimes
Christian Heimes added the comment: Thanks for filing this feature request! The DNS lookup part is out of scope for the ssl module. I don't want to get into the DNS business. At $WORK I work on BIND, DNSSEC and DNS over TLS. Secure DNS (and DNS in general) is already complicated when you con

[issue45567] Support TLS Encrypted ClientHello (ECH)

2021-10-22 Thread Hans-Christoph Steiner
New submission from Hans-Christoph Steiner: The next version of the IETF-standardized TLS protocol is known as Encrypted ClientHello (ECH) [1], formerly known as Encrypted SNI (ESNI). This ticket collects information for ECH support, and tracks which APIs have to be added to Python in order t