Protocol Action: 'Bootstrapping TLS Encrypted ClientHello with DNS Service Bindings' to Proposed Standard (draft-ietf-tls-svcb-ech-08.txt)
The IESG <iesg-secretary@ietf.org> Mon, 16 June 2025 21:41 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietf.org
Delivered-To: ietf-announce@mail2.ietf.org
Received: from [10.244.8.178] (unknown [104.131.183.230]) by mail2.ietf.org (Postfix) with ESMTP id DF85C35A8638; Mon, 16 Jun 2025 14:41:42 -0700 (PDT)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: Protocol Action: 'Bootstrapping TLS Encrypted ClientHello with DNS Service Bindings' to Proposed Standard (draft-ietf-tls-svcb-ech-08.txt)
X-Test-IDTracker: no
X-IETF-IDTracker: 12.41.0
Auto-Submitted: auto-generated
Precedence: bulk
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 7bit
Message-ID: <175011010278.420930.3649749226852967045@dt-datatracker-75bbdb9cc5-qvb4t>
Date: Mon, 16 Jun 2025 14:41:42 -0700
Message-ID-Hash: W7T65WHZ6SFC5DKD6OBRZTOOBJ6TTWI6
X-Message-ID-Hash: W7T65WHZ6SFC5DKD6OBRZTOOBJ6TTWI6
X-MailFrom: iesg-secretary@ietf.org
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-ietf-announce.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: The IESG <iesg@ietf.org>, draft-ietf-tls-svcb-ech@ietf.org, paul.wouters@aiven.io, rfc-editor@rfc-editor.org, tls-chairs@ietf.org, tls@ietf.org
X-Mailman-Version: 3.3.9rc6
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-announce/tKo1tG96VWYPCiFUjz3aeLyfKrk>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-announce>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Owner: <mailto:ietf-announce-owner@ietf.org>
List-Post: <mailto:ietf-announce@ietf.org>
List-Subscribe: <mailto:ietf-announce-join@ietf.org>
List-Unsubscribe: <mailto:ietf-announce-leave@ietf.org>
The IESG has approved the following document: - 'Bootstrapping TLS Encrypted ClientHello with DNS Service Bindings' (draft-ietf-tls-svcb-ech-08.txt) as Proposed Standard This document is the product of the Transport Layer Security Working Group. The IESG contact persons are Paul Wouters and Deb Cooley. A URL of this Internet-Draft is: https://datatracker.ietf.org/doc/draft-ietf-tls-svcb-ech/ Technical Summary To use TLS Encrypted ClientHello (ECH) the client needs to learn the ECH configuration for a server before it attempts a connection to the server. This specification provides a mechanism for conveying the ECH configuration information via DNS, using a SVCB or HTTPS record. Working Group Summary Please note that the text in this I-D was initially developed in the DNSOP WG, went through IETF LC, and IESG review. The result of the IESG review was to take the text in this I-D out of RFC 9460 (was draft-ietf-dnsop-svcb-http) and run the new I-D through the TLS WG. The text in this I-D is essentially the same text taken from -11 of draft-ietf-dnsop-svcb-http. In some respects, you could claim that this I-D has consensus from multiple WGs. See also: https://mailarchive.ietf.org/arch/msg/tls/Vct8iUc4IgSHENX2r9IGOQFLkyk/ Document Quality This specification is implemented today by Chrome, Firefox, and Safari [1], and is deployed on all Cloudflare free tier domains [2]. [1] https://chromestatus.com/feature/6196703843581952 [2] https://blog.cloudflare.com/announcing-encrypted-client-hello Personnel The Document Shepherd for this document is Sean Turner. The Responsible Area Director is Paul Wouters.