________________________________ From: Linda Dunbar via Datatracker <nore...@ietf.org> Sent: Wednesday, April 9, 2025 3:58 PM To: ops-...@ietf.org <ops-...@ietf.org> Cc: draft-ietf-tls-svcb-ech....@ietf.org <draft-ietf-tls-svcb-ech....@ietf.org>; last-c...@ietf.org <last-c...@ietf.org>; tls@ietf.org <tls@ietf.org> Subject: Opsdir ietf last call review of draft-ietf-tls-svcb-ech-07
...

> Mixed SVCB RRSets with and without the “ech” parameter are vulnerable to
> downgrade attacks, yet may occur in multi-provider environments or during
> staged rollouts. Clear operational guidance is needed to mitigate these risks,
> such as prioritizing ECH-capable endpoints using SvcPriority. Deployments
> involving CDNs or multi-CDN setups add complexity around coordination of ECH
> keys and consistent DNS records, and would benefit from best practice
> recommendations.

This situation is addressed in detail already in the Security Considerations:
https://www.ietf.org/archive/id/draft-ietf-tls-svcb-ech-07.html#section-8-1.
I don't believe we have any further recommendations.

> Additionally, diagnosing ECH failures can be difficult due to the lack of
> fallback and visibility. The draft should recommend logging and monitoring
> strategies to help operators detect misconfigurations.

I don't believe we have any relevant recommendations for logging or monitoring.
Any such logging would likely not be related to the DNS records, so those
recommendations would be in draft-ietf-tls-esni or a later draft.

> Key rotation, TTL management, and rollback procedures are also important but
> not addressed.

draft-ietf-tls-esni does already discuss these topics:

Key rotation: https://datatracker.ietf.org/doc/html/draft-ietf-tls-esni#name-maintain-forward-secrecy
Rollback: https://datatracker.ietf.org/doc/html/draft-ietf-tls-esni#name-misconfiguration-and-deploy
_______________________________________________ TLS mailing list -- tls@ietf.org To unsubscribe send an email to tls-le...@ietf.org
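The review above raises mixed RRSets (some HTTPS records with "ech", some without) and suggests ordering ECH-capable endpoints ahead of the rest with SvcPriority. The following is an added example, not code from the draft, from draft-ietf-tls-esni, or from anyone in this thread: a small audit that parses HTTPS records in RFC 9460 presentation format and reports whether an RRSet is mixed and, if so, whether every ECH-capable ServiceMode endpoint is strictly preferred (lower SvcPriority) over every non-ECH one. It assumes SvcParam values contain no whitespace (a simplification of zone-file quoting), and the sample RRSets and the ech= value in them are constructed placeholders, not real ECHConfigList data.

```python
"""Audit an HTTPS RRSet for mixed ECH / non-ECH ServiceMode records.

Added example; not code from the draft or the mailing-list thread.
Assumes RFC 9460 presentation format with no whitespace inside SvcParam
values. Lower SvcPriority means more preferred (RFC 9460, Section 2.4.1).
"""


def parse_https_rr(rdata: str) -> dict:
    """Parse '<SvcPriority> <TargetName> [key[=value] ...]' into a dict."""
    parts = rdata.split()
    if len(parts) < 2:
        raise ValueError(f"malformed HTTPS RR: {rdata!r}")
    priority = int(parts[0])
    params = {}
    for item in parts[2:]:
        key, sep, value = item.partition("=")
        # A key with no '=' is a value-less SvcParam such as no-default-alpn.
        params[key] = value.strip('"') if sep else None
    if priority == 0 and params:
        # AliasMode (SvcPriority 0) records carry no SvcParams (RFC 9460, 2.4.2).
        raise ValueError(f"AliasMode record with SvcParams: {rdata!r}")
    return {"priority": priority, "target": parts[1], "params": params}


def audit_ech_rrset(rrset: list[str]) -> dict:
    """Report whether the RRSet mixes ECH and non-ECH endpoints and, if so,
    whether every ECH-capable endpoint is strictly preferred over every
    non-ECH endpoint by SvcPriority. AliasMode records are ignored."""
    service = [r for r in (parse_https_rr(x) for x in rrset) if r["priority"] != 0]
    ech_prio = sorted(r["priority"] for r in service if "ech" in r["params"])
    plain_prio = sorted(r["priority"] for r in service if "ech" not in r["params"])
    mixed = bool(ech_prio) and bool(plain_prio)
    # Strict inequality: records at equal SvcPriority are shuffled by clients,
    # so a client could select the non-ECH endpoint and send a cleartext SNI.
    ech_preferred = (not mixed) or max(ech_prio) < min(plain_prio)
    return {
        "mixed": mixed,
        "ech_preferred": ech_preferred,
        "ech_priorities": ech_prio,
        "non_ech_priorities": plain_prio,
    }


# Constructed sample RRSets; the ech= value is a placeholder, not a real ECHConfigList.
STAGED_ROLLOUT_OK = [
    '1 ech.example.net. alpn=h2 ech="AAAA"',
    '2 legacy.example.net. alpn=h2',
    '0 alias.example.net.',
]
STAGED_ROLLOUT_BAD = [
    '1 legacy.example.net. alpn=h2',
    '1 ech.example.net. alpn=h2 ech="AAAA"',
]

if __name__ == "__main__":
    for name, rrset in (("ok", STAGED_ROLLOUT_OK), ("bad", STAGED_ROLLOUT_BAD)):
        print(name, audit_ech_rrset(rrset))
```

The check is deliberately strict: an ECH record sharing a SvcPriority with a non-ECH record is flagged, because clients may pick among equal-priority records at random. This only covers the DNS side of the problem the review describes; whether a client actually falls back after an ECH failure is governed by draft-ietf-tls-esni, not by the RRSet.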