Hello TLS,

I just published an individual draft in QUIC that tries to take the ECHO mechanism and use it to protect the entire Initial packet exchange in QUIC, instead of just selected fields in the client hello. It is reliant on QUIC version negotiation to recover from config mismatches:

https://datatracker.ietf.org/doc/draft-duke-quic-protected-initial/

Thoughts from the experts here would be welcome.
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls