--- rfc9849.txt.orig	2026-02-05 15:13:45
+++ rfc9849.txt	2026-02-05 15:21:29
@@ -4,7 +4,7 @@
 
 Internet Engineering Task Force (IETF)                       E. Rescorla
 Request for Comments: 9849                                   Independent
-Category: Standards Track                                         K. Oku
+Category: Standards Track                               奥 一穂 (K. Oku)
 ISSN: 2070-1721                                                   Fastly
                                                              N. Sullivan
                                              Cryptography Consulting LLC
@@ -466,7 +466,7 @@
 
    cipher_suite:  The cipher suite used to encrypt ClientHelloInner.
       This MUST match a value provided in the corresponding
-      ECHConfigContents.cipher_suites list.
+      ECHConfigContents.key_config.cipher_suites list.
 
    enc:  The HPKE encapsulated key used by servers to decrypt the
       corresponding payload field.  This field is empty in a
@@ -626,13 +626,13 @@
    To offer ECH, the client first chooses a suitable ECHConfig from the
    server's ECHConfigList.  To determine if a given ECHConfig is
    suitable, it checks that it supports the KEM algorithm identified by
-   ECHConfig.contents.kem_id, at least one KDF/AEAD algorithm identified
-   by ECHConfig.contents.cipher_suites, and the version of ECH indicated
-   by ECHConfig.version.  Once a suitable configuration is found, the
-   client selects the cipher suite it will use for encryption.  It MUST
-   NOT choose a cipher suite or version not advertised by the
-   configuration.  If no compatible configuration is found, then the
-   client SHOULD proceed as described in Section 6.2.
+   ECHConfig.contents.key_config.kem_id, at least one KDF/AEAD algorithm
+   identified by ECHConfig.contents.key_config.cipher_suites, and the
+   version of ECH indicated by ECHConfig.version.  Once a suitable
+   configuration is found, the client selects the cipher suite it will
+   use for encryption.  It MUST NOT choose a cipher suite or version not
+   advertised by the configuration.  If no compatible configuration is
+   found, then the client SHOULD proceed as described in Section 6.2.
 
    Next, the client constructs the ClientHelloInner message just as it
    does a standard ClientHello, with the exception of the following
@@ -656,9 +656,9 @@
    Section 5.1.  It also computes an HPKE encryption context and enc
    value as:
 
-       pkR = DeserializePublicKey(ECHConfig.contents.public_key)
-       enc, context = SetupBaseS(pkR,
-                                 "tls ech" || 0x00 || ECHConfig)
+    pkR = DeserializePublicKey(ECHConfig.contents.key_config.public_key)
+    enc, context = SetupBaseS(pkR,
+                              "tls ech" || 0x00 || ECHConfig)
 
    Next, it constructs a partial ClientHelloOuterAAD as it does a
    standard ClientHello, with the exception of the following rules:
@@ -2331,6 +2331,11 @@
    Kazuho Oku
    Fastly
    Email: kazuhooku@gmail.com
+
+   Additional contact information:
+
+      奥 一穂
+      Fastly
 
 
    Nick Sullivan