Hiya,

Bit of a corner case I'm not sure about. Apologies if this has come up before.

The scenario:

- inner SNI is inner.example
- ECHConfig from inner.example's DNS has outer.example as public_name
- client authenticates with ClientHelloOuter and the ServerHello contains retry_configs with one ECHConfig that has a public_name of another.example
- client decides to retry and a similar thing happens (authenticates with ClientHelloOuter) but this time with public_name of yetanother.example
- rinse/repeat until the client is fed up with retries or manages to authenticate using ClientHelloInner if ECH eventually works

My question is: should the client care about those changes in public_name or not?

I think the answer is "not" but wanted to check.

Ta,
S.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls