Our #HKPE (RFC9180) implementation shipped by #OpenSSL has been audited, and passed with flying colors: "Auditors did not identify any directly exploitable vulnerabilities". Nice work, Stephen Farrell!

https://7asecurity.com/blog/2023/12/defo-2-openssl-hpke-pr-security-audit/

https://www.opentech.fund/security-safety-audits/defo-2-openssl-hpke-pr-security-audit/

#EncryptedClientHello #ECH #MessagingLayerSecurity #MLS,