Hi!

Eventually, draft-farrell-tls-wkesni became:
https://datatracker.ietf.org/doc/draft-ietf-tls-wkech/

It would be great if input/review from DNSOP came in ;)

Cheers,
spt

> On May 17, 2022, at 22:50, Warren Kumari <war...@kumari.net> wrote:
>
> On Tue, May 17, 2022 at 11:39 AM, Stephen Farrell <stephen.farr...@cs.tcd.ie> wrote:
> Hi all,
>
> At IETF 113 a draft of mine [1] was presented (slides [2]) at the
> dispatch session. Part of the upshot there was to check with dnsop if
> people felt asking for adoption here would be the right plan for this
> draft.
>
> The draft is concerned with (re-)publishing ECHConfigList values in
> SVCB/HTTPS RRs as the keys for ECH are rotated, but in the context
> where the ECH private key holder and the DNS publishing entities
> differ. As an FYI, ECH interop servers operated by Cloudflare and by me
> rotate such keys hourly so some new automation is needed for cases
> where one does not have some kind of dynamic DNS API available.
>
> <no hats, personal view only, objects in rear-view mirror may be closer
> than they appear, etc/>
> 'k, so about the only terms I recognize from the above are 'DNS' and
> 'RR' - the rest are deep TLS arcana…. to my mind that makes it seem
> much more like it should be adopted in something like TLS, with some
> input / review from DNSOP / HTTPBIS…
>
> W
>
> P.S: Yeah, yeah, ok, I also recognized the others, but my point is that
> the document is much more (to my mind) related to TLS and well-known
> URIs and similar, and that the DNS bit is much more secondary...
>
> To be clear: my own opinion is that adopting this in dnsop would not be
> a good plan, but that asking the TLS WG would be the right plan
> instead. That said though, even if this were adopted by TLS, I think
> it'd benefit from input from dnsop (and httpbis), once the adopted form
> of the draft had taken what could be a near-final overall shape. And
> who knows, maybe I'm wrong and this'd be better handled here.
>
> So - do people here consider it'd be useful to try for a call for
> adoption for this in dnsop, or do you agree with me that doing that in
> the tls wg would be better?
>
> Thanks,
> S.
>
> PS: If it's useful and there's time I'd be fine with asking the above
> again at the upcoming interim.
>
> [1] https://datatracker.ietf.org/doc/draft-farrell-tls-wkesni/
> [2] https://datatracker.ietf.org/meeting/113/materials/slides-113-dispatch-a-well-known-url-for-publishing-echconfiglists-00
>
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop