On Monday, July 22, 2024 5:11:23 PM PDT Jessica Krynitsky wrote:

> Thanks Ben and Erik for the comments!
>
> Erik, yes I agree, I think we had TLS 1.3 in mind when writing the draft and
> when evaluating alternatives for this encrypted DNS scenario. I think we
> can make an edit to specify TLS 1.3 or at least post-handshake client
> authentication with TLS 1.2. It sounds like from both of these comments we
> need to spell out privacy considerations in more detail.
>
> ...
Making TLS 1.2 available as a fallback is vital. Many secure private edge networks will never allow TLS 1.3 because of ECH. Think government, military, corporate. The moment we explicitly disallowed fallback, these networks would be forced into explicit edge proxies with private keys. I think that's an outcome worth avoiding.

So, +1 to the above.

--
P Vixie