Hiya,
I had a read and think this is a great topic for
discussion.
A few points:
- I think we'd benefit from trying to think through
the dynamics of this, e.g. how many of each entity
might we see and how'd that differ from the current
web PKI and possibly affect the web? (It's fine that
that
Hi TLS,
From its inception, draft-ietf-dnsop-svcb-https (the "SVCB/HTTPS record"
draft) has described how to use these new DNS record types to convey
Encrypted ClientHello public keys (via ECHConfigList). This resulted in a
normative dependency on draft-ietf-tls-esni. However, draft-ietf-tls-es
Issues
--
* tlswg/tls13-spec (+0/-4/💬0)
4 issues closed:
- Add text that keys must be deleted when the connection closes https://github.com/tlswg/tls13-spec/issues/1281
- Reusing key shares enables tracking https://github.com/tlswg/tls13-spec/issues/1285
- HRR server behavior is under