[TLS] Re: Genart last call review of draft-ietf-tls-svcb-ech-06

2024-11-11 Thread Bas Westerbaan
Nit: we have two HPKE IDs registered. (X25519Kyber768Draft00 at KEM id 0x0030 and X-Wing at 0x647a). Otherwise I agree with Eric and Rich. Best, Bas On Mon, Nov 11, 2024 at 2:15 PM Eric Rescorla wrote: > Unlike TLS itself defines cipher suites, ECH just depends on the HPKE > registry from RF

[TLS] Re: Genart last call review of draft-ietf-tls-svcb-ech-06

2024-11-11 Thread Salz, Rich
On 11/11/2024 09:47, Gianpaolo Angelo Scalone, Vodafone wrote: > Would it make sense to have a specific section on making ECH quantum > safe and provide privacy also in perspective? > IMO, no. That's mostly an issue for HPKE. Strongly agree. ___ TLS m

[TLS] Re: Genart last call review of draft-ietf-tls-svcb-ech-06

2024-11-11 Thread Eric Rescorla
Unlike TLS itself defines cipher suites, ECH just depends on the HPKE registry from RFC 9180 ( https://www.iana.org/assignments/hpke/hpke.xhtml#hpke-aead-ids). While there aren't currently any PQ-safe HPKE IDs registered, we do have proposals for them ( https://www.ietf.org/archive/id/draft-connoll

[TLS] Re: Genart last call review of draft-ietf-tls-svcb-ech-06

2024-11-11 Thread Stephen Farrell
On 11/11/2024 09:47, Gianpaolo Angelo Scalone, Vodafone wrote: Would it make sense to have a specific section on making ECH quantum safe and provide privacy also in perspective? IMO, no. That's mostly an issue for HPKE. Let's get the ECH RFC out (so that code can be upstreamed to projects tha

[TLS] Re: Genart last call review of draft-ietf-tls-svcb-ech-06

2024-11-11 Thread Gianpaolo Angelo Scalone, Vodafone
Hi, not sure if this has to go under ECH or under DNS SVCB/HTTPS RR, but given current status ECH will provide E2E privacy today , but is not Quantum Safe. Would it make sense to have a specific section on making ECH quantum safe and provide privacy also in perspective? C2 General _

[TLS] Re: Genart last call review of draft-ietf-tls-svcb-ech-06

2024-10-31 Thread Arnaud Taddei
=AOvVaw0ueyeUdjcs-FPnto51YIT8> > > --Ben Schwartz > From: Benjamin Kaduk > Sent: Monday, October 28, 2024 6:26 PM > To: Ben Schwartz > Cc: Lucas Pardue ; > draft-ietf-tls-svcb-ech....@ietf.org ; > tls@ietf.org > Subject: Re: [TLS] Re: Genart last call review of draf

[TLS] Re: Genart last call review of draft-ietf-tls-svcb-ech-06

2024-10-30 Thread Ben Schwartz
-ietf-tls-svcb-ech@ietf.org ; tls@ietf.org Subject: Re: [TLS] Re: Genart last call review of draft-ietf-tls-svcb-ech-06 On Mon, Oct 28, 2024 at 09:37:27PM +, Ben Schwartz wrote: >This Message Is From an External Sender >This message came from outside your organization. >

[TLS] Re: Genart last call review of draft-ietf-tls-svcb-ech-06

2024-10-28 Thread Benjamin Kaduk
On Mon, Oct 28, 2024 at 09:37:27PM +, Ben Schwartz wrote: >This Message Is From an External Sender >This message came from outside your organization. > >On ALPNs - Yes, this is something of an open question. There are some >hints about this in draft-ietf-tls-esni, e.g. Sec

[TLS] Re: Genart last call review of draft-ietf-tls-svcb-ech-06

2024-10-28 Thread Lucas Pardue
Hey Ben, Responding in line: On Mon, Oct 28, 2024, at 21:37, Ben Schwartz wrote: > On ALPNs - Yes, this is something of an open question. There are some hints > about this in draft-ietf-tls-esni, e.g. Section 10.5: "A client that treats > this context as sensitive SHOULD NOT send context-speci

[TLS] Re: Genart last call review of draft-ietf-tls-svcb-ech-06

2024-10-28 Thread Ben Schwartz
On ALPNs - Yes, this is something of an open question. There are some hints about this in draft-ietf-tls-esni, e.g. Section 10.5: "A client that treats this context as sensitive SHOULD NOT send context-specific values in ClientHelloOuter.". I've occasionally wondered if we would define an ECHC