-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 I don’t expect ECH to be the only security improvement enabled by SVCB, and the specification itself is designed to allow additions like that without being baked in from the start.
Any issues posed by adding ECH later are indicative of issues with the SVCB specification as it is right now. The only real advantage of including ECH from the start, to my mind, is the ability to make the tag automatically mandatory. And we could do this without that spec being finished: since the meaning will be laid out in a future RFC, all implementations can simply ignore records with it for now. I’m really excited to see this finalized: I consider it to be one of the most useful and exciting drafts in years. -----BEGIN PGP SIGNATURE----- iMwEARYKAHQWIQST9JhYTT2FVNyHHwCUsC6j0LZIGwUCY/e5PlYYJ2h0dHBzOi8v b3BlbnBncGtleS5zYWtsYWQ1LmNvbS9maW5nZXJwcmludC9GRERGQzRBNEE2N0Qw NEVGRkVCOEU0MjQ5Q0EyMTQ5NTgzRURCRjg0JwAKCRCUsC6j0LZIGwoCAP4j0zUf ic1Q4+Sm4Zy3dk6MoVIPfQPfM2Ycj7BPMwdSzgEAm9Q9NYybxfwNtpBghIstxyZh coru9N5waZBfCoaTJgE= =2uvG -----END PGP SIGNATURE----- _______________________________________________ DNSOP mailing list DNSOP@ietf.org https://www.ietf.org/mailman/listinfo/dnsop
