Hi TLS,

From its inception, draft-ietf-dnsop-svcb-https (the "SVCB/HTTPS record"
draft) has described how to use these new DNS record types to convey
Encrypted ClientHello public keys (via ECHConfigList).  This resulted in a
normative dependency on draft-ietf-tls-esni.  However, draft-ietf-tls-esni
is still under development, while draft-ietf-dnsop-svcb-https is otherwise
ready for publication, and is in turn blocking the publication of a growing
number of finished drafts that use the SVCB system.

The Responsible AD (Warren Kumari) has requested that we separate the
Encrypted ClientHello dependency from draft-ietf-dnsop-svcb-https, in order
to allow these documents to move forward.  We've moved that text into a new
draft (below).  On the advice of the TLS and DNSOP chairs, we're bringing
that draft to the TLS working group and seeking adoption.

Apart from introductory scene-setting, the language in this draft is
largely extracted from draft-ietf-dnsop-svcb-https-11, which had already
passed WGLC (in DNSOP), IETF LC, and IESG Review.

--Ben Schwartz

---------- Forwarded message ---------

A new version of I-D, draft-sbn-tls-svcb-ech-00.txt
has been successfully submitted by Ben Schwartz and posted to the
IETF repository.

Name:           draft-sbn-tls-svcb-ech
Revision:       00
Title:          Bootstrapping TLS Encrypted ClientHello with DNS Service Bindings
Document date:  2023-03-11
Group:          Individual Submission
Pages:          6
URL:            https://www.ietf.org/archive/id/draft-sbn-tls-svcb-ech-00.txt
Status:         https://datatracker.ietf.org/doc/draft-sbn-tls-svcb-ech/
Html:           https://www.ietf.org/archive/id/draft-sbn-tls-svcb-ech-00.html
Htmlized:       https://datatracker.ietf.org/doc/html/draft-sbn-tls-svcb-ech


Abstract:
   To use TLS Encrypted ClientHello (ECH) the client needs to learn the
   ECH configuration for a server before it attempts a connection to the
   server.  This specification provides a mechanism for conveying the
   ECH configuration information via DNS, using a SVCB or HTTPS record.




The IETF Secretariat
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls