The IESG has approved the following document:
- 'Bootstrapping TLS Encrypted ClientHello with DNS Service Bindings'
  (draft-ietf-tls-svcb-ech-08.txt) as Proposed Standard

This document is the product of the Transport Layer Security Working Group.

The IESG contact persons are Paul Wouters and Deb Cooley.

A URL of this Internet-Draft is:
https://datatracker.ietf.org/doc/draft-ietf-tls-svcb-ech/

Technical Summary

To use TLS Encrypted ClientHello (ECH) the client needs to learn the ECH configuration for a server before it attempts a connection to the server. This specification provides a mechanism for conveying the ECH configuration information via DNS, using a SVCB or HTTPS record.

Working Group Summary

Please note that the text in this I-D was initially developed in the DNSOP WG, went through IETF LC, and IESG review. The result of the IESG review was to take the text in this I-D out of RFC 9460 (was draft-ietf-dnsop-svcb-http) and run the new I-D through the TLS WG. The text in this I-D is essentially the same text taken from -11 of draft-ietf-dnsop-svcb-http. In some respects, you could claim that this I-D has consensus from multiple WGs.

See also:
https://mailarchive.ietf.org/arch/msg/tls/Vct8iUc4IgSHENX2r9IGOQFLkyk/

Document Quality

This specification is implemented today by Chrome, Firefox, and Safari [1], and is deployed on all Cloudflare free tier domains [2].

[1] https://chromestatus.com/feature/6196703843581952
[2] https://blog.cloudflare.com/announcing-encrypted-client-hello

Personnel

The Document Shepherd for this document is Sean Turner. The Responsible Area Director is Paul Wouters.
