Document: draft-ietf-tls-svcb-ech Title: Bootstrapping TLS Encrypted ClientHello with DNS Service Bindings Reviewer: Marcus Ihlar Review result: Ready
This document has been reviewed as part of the transport area review team's ongoing effort to review key IETF documents. These comments were written primarily for the transport area directors, but are copied to the document's authors and WG to allow them to address any issues raised and also to the IETF discussion list for information. When done at the time of IETF Last Call, the authors should consider this review as part of the last-call comments they receive. Please always CC [email protected] if you reply to or forward this review. This is a well written, and important document that defines how to bootstrap Encrypted Client Hello using the DNS. The document defines a new SVCB/HTTPS Service Parameter Key named ech with an associated ECHConfigList. The key pair is published by servers in DNS, and capable clients can retrieve the list during name resolution to obtain all necessary information required for sending Encrypted Client Hellos. The document does not introduce, modify or rely on any specific layer 4 behaviours. Any such considerations are likely found in the main ECH specification. _______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
