Re: [TLS] Working Group Last Call for ECH

Rob Sayre <sayrer@gmail.com> Mon, 11 March 2024 22:08 UTC

From: Rob Sayre <sayrer@gmail.com>
Date: Mon, 11 Mar 2024 15:08:34 -0700
Message-ID: <CAChr6SzdcXTuUpjifniwVZcE6yJ+eUMokXy--Y-YcyYqU5TotA@mail.gmail.com>
To: Joseph Salowey <joe@salowey.net>
Cc: "<tls@ietf.org>" <tls@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/Yr4nOsmQSh9NaTZ9k6ZOgHff4zw>
Subject: Re: [TLS] Working Group Last Call for ECH

I think it is ready and can live with the current draft. I agree with
Watson Ladd that the ordering is awkward. If you get past that part, it all
works, but you have to read the whole thing before you really get it. Then,
you must start in the middle to begin your implementation. I guess the
criticism is that it's not a very good guide as you implement, but it all
makes sense as you try things in a different order than the draft indicates.

I also believe there was supposed to be some formal proof work done, and
I'm not sure that's complete.

thanks,
Rob


On Mon, Mar 11, 2024 at 3:00 PM Joseph Salowey <joe@salowey.net> wrote:

> This is the working group last call for TLS Encrypted Client Hello [1].
> Please indicate if you think the draft is ready to progress to the IESG and
> send any comments to the list by 31 March 2024.  The comments sent by
> Watson Ladd to the list [2] on 17 February 2024 will be considered last
> call comments.
>
> Thanks,
>
> Joe, Deirdre, and Sean
>
> [1] https://datatracker.ietf.org/doc/draft-ietf-tls-esni/
> [2] https://mailarchive.ietf.org/arch/msg/tls/XUCFuNBSQfSJclkhLW-14DZ0ETg/