1--- 2c: Copyright (C) Daniel Stenberg, <daniel@haxx.se>, et al. 3SPDX-License-Identifier: curl 4Long: ech 5Arg: <config> 6Help: Configure Encrypted Client Hello (ECH) for use with the TLS session 7Added: 8.8.0 8Category: tls ECH 9Protocols: HTTPS 10Multi: single 11See-also: 12 - doh-url 13Example: 14 - --ech true $URL 15--- 16 17# `--ech` 18 19Specifies how to do ECH (Encrypted Client Hello). 20 21The values allowed for \<config\> can be: 22 23## "false" 24Do not attempt ECH 25 26## "grease" 27 28Send a GREASE ECH extension 29 30## "true" 31 32Attempt ECH if possible, but do not fail if ECH is not attempted. 33(The connection fails if ECH is attempted but fails.) 34 35## "hard" 36 37Attempt ECH and fail if that is not possible. 38ECH only works with TLS 1.3 and also requires using 39DoH or providing an ECHConfigList on the command line. 40 41## "ecl:<b64val>" 42 43A base64 encoded ECHConfigList that is used for ECH. 44 45## "pn:<name>" 46 47A name to use to over-ride the `public_name` field of an ECHConfigList 48(only available with OpenSSL TLS support) 49 50## Errors 51 52Most errors cause error 53*CURLE_ECH_REQUIRED* (101). 54
