On Tue, May 17, 2022 at 11:39 AM, Stephen Farrell <stephen.farr...@cs.tcd.ie> wrote:

> Hi all,
>
> At IETF 113 a draft of mine [1] was presented (slides [2]) at the dispatch
> session. Part of the upshot there was to check with dnsop if people felt
> asking for adoption here would be the right plan for this draft.
>
> The draft is concerned with (re-)publishing ECHConfigList values in
> SVCB/HTTPS RRs as the keys for ECH are rotated, but in the context where
> the ECH private key holder and the DNS publishing entities differ. As an
> FYI, ECH interop servers operated by Cloudflare and by me rotate such keys
> hourly so some new automation is needed for cases where one does not have
> some kind of dynamic DNS API available.
>

<no hats, personal view only, objects in rear-view mirror may be closer than they appear, etc/>

'k, so about the only terms I recognize from the above are 'DNS' and 'RR' - the rest are deep TLS arcana…. to my mind that makes it seem much more like it should be adopted in something like TLS, with some input / review from DNSOP / HTTPBIS…

W

P.S: Yeah, yeah, ok, I also recognized the others, but my point is that the document is much more (to my mind) related to TLS and well-known URIs and similar, and that the DNS bit is much more secondary...

> To be clear: my own opinion is that adopting this in dnsop would not be a
> good plan, but that asking the TLS WG would be the right plan instead. That
> said though, even if this were adopted by TLS, I think it'd benefit from
> input from dnsop (and httpbis), once the adopted form of the draft had
> taken what could be a near-final overall shape. And who knows, maybe I'm
> wrong and this'd be better handled here.
>
> So - do people here consider it'd be useful to try for a call for adoption
> for this in dnsop, or do you agree with me that doing that in the tls wg
> would be better?
>
> Thanks,
> S.
>
> PS: If it's useful and there's time I'd be fine with asking the above
> again at the upcoming interim.
>
> [1] https://datatracker.ietf.org/doc/draft-farrell-tls-wkesni/
> [2] https://datatracker.ietf.org/meeting/113/materials/slides-113-dispatch-a-well-known-url-for-publishing-echconfiglists-00
>
> _______________________________________________
> DNSOP mailing list
> DNSOP@ietf.org
> https://www.ietf.org/mailman/listinfo/dnsop
>