[TLS] Comments on draft-ietf-tls-wkech-09
Watson Ladd <watsonbladd@gmail.com> Wed, 03 September 2025 23:58 UTC
Return-Path: <watsonbladd@gmail.com>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 719B95CFBB4D for <tls@mail2.ietf.org>; Wed, 3 Sep 2025 16:58:44 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pcpYtSyJmp2x for <tls@mail2.ietf.org>; Wed, 3 Sep 2025 16:58:44 -0700 (PDT)
Received: from mail-wr1-x42c.google.com (mail-wr1-x42c.google.com [IPv6:2a00:1450:4864:20::42c]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 1FAAD5CFBB48 for <tls@ietf.org>; Wed, 3 Sep 2025 16:58:44 -0700 (PDT)
Received: by mail-wr1-x42c.google.com with SMTP id ffacd0b85a97d-3dea538b826so347753f8f.2 for <tls@ietf.org>; Wed, 03 Sep 2025 16:58:44 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1756943923; x=1757548723; darn=ietf.org; h=to:subject:message-id:date:from:mime-version:from:to:cc:subject :date:message-id:reply-to; bh=vWKICOw+zMMonnAlXGVRDn9t3dvK1dQrBIjzpeqsEUI=; b=YRFgXQF17ooSjF8V7cc5TXsxmo3JUZaId4565mHfakRlB9zvnJXVVp1hbS6gKdJrAJ EUS+N8CmANIY7t8F6/ZnZmzib2V8ZbuScvQu1HP/svlXz6Bo+HX8NuZvRX0sld4YGqmV vNYwgHLnjGZ0qzP2ocCx2ggz+KmIY4m8i+yM9Y9eD9JJ3QcDOSL8Hd5AiKLr52ZOk+Wn n7WA0q3kYYsrMKczq2gAfGYIsKU71E8LYbbL5MVPfiOtgC+z/hSmVFot1ePfPLVHQPdb 8rCeE+RNDXS1owZuwGifvYHcYWel2IkyOnEEZr17lna538OisUVin3krblE1zT0l2Pmd wFoQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1756943923; x=1757548723; h=to:subject:message-id:date:from:mime-version:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=vWKICOw+zMMonnAlXGVRDn9t3dvK1dQrBIjzpeqsEUI=; b=cZr8trDMGUiprBLD4/UTzafz5RMW+EyLmT9p4B1CKmIg2KOmdYQPjYKb03oMZeVvhI ap8JX+3LGIwt5gTAwwgtBOt3zF6RriH5h2c7+9BRp5+zD8WLEXizzAs2ID9v4MUPyJFs MzVRR8q/IIH3yh9/Nav1Q4vf1koIlGi6onBaTtALAq+AynsG5BW2pcjuzNJQ1pR4bRsj Xw5KSBovXlSZKZ1vzjh+p02iZ+P+BULb0mm5t4Bh4cO98D4HZh6K/pNZOIbgb5nOXsoy ivtU4GCqDC65EAv39DGg90y29Rd5h8JcBSRwPmx6E6czkDsinOLYwa5J0S9LniReHg6e 9vtg==
X-Gm-Message-State: AOJu0Yz2IZnkCbcA+I1+e+POFXhDTGJQnRTZWbp1AKSA6eflwtCNFjc6 czUHepLZQ7N8bzeOatKfclEchdLy6N5ZJQpumzoNV+ykZIomI2OLmt/Ta04yvaxdKWOYaggUrDj 7f3zI1jdFcJqGE8lQ33yJXwFCKPeRrMDecxn0
X-Gm-Gg: ASbGncvBs6rrnlOHw18/BUSITYhcflX/CW/Jmm4g0xYCfpVdrg7JoLZu0SAEUnUbkqa 6yhxR5c4WBX5PEUTiDEyWMQIVtEYvS8lLxJUOpSLkUQEsrwtU4gJ4nneFsblQPdS3z2FpskmbaN fYtSPEh5NtKfPgeicSK6XH2n/N+I9puBe2R/mm6qeT3lbdzeAwWUdCBQWA5l7sNBaSevP7oZwth aH1R53Pb4IVvD8vbSmq91NzG9YyzYnjNu6c6FWltxLwF+UKGAs=
X-Google-Smtp-Source: AGHT+IGCmUzV0Oh1tyUD0hkueCmQLMs98xvfLOCssJAaKFsl3sRqrS9W3vtmc0aSubabYZ0J3DXwOqQCihgkfNCNNQA=
X-Received: by 2002:a5d:5f50:0:b0:3ce:1750:311 with SMTP id ffacd0b85a97d-3d1df34c669mr12306497f8f.55.1756943922420; Wed, 03 Sep 2025 16:58:42 -0700 (PDT)
MIME-Version: 1.0
From: Watson Ladd <watsonbladd@gmail.com>
Date: Wed, 03 Sep 2025 16:58:31 -0700
X-Gm-Features: Ac12FXw1QaY4rrNL6G9PxAs6PfEV5v6NY44nLQyH4EfmWVDCfghR-Sm7pRPj3lA
Message-ID: <CACsn0cndM9hYZ7hqK2smO1fLgdhfwn58Wzn2ALajDWCyNfnZ0w@mail.gmail.com>
To: TLS List <tls@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Message-ID-Hash: CYGLP43USUDRS5NDJG6A3WKGJLSRWPY6
X-Message-ID-Hash: CYGLP43USUDRS5NDJG6A3WKGJLSRWPY6
X-MailFrom: watsonbladd@gmail.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Comments on draft-ietf-tls-wkech-09
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/hC5zWfA41v8JEJIFRHlheGprtJk>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>
Dear TLS WG, I've read the draft carefully, and I am afraid that I have a few comments. These might be completely uninformed, but I hope they at least point out places other people might have confusion, The first comment is that while the draft talks a lot about HTTPS records, it could also work for non-HTTP protocols via SVCB. The text isn't entirely clear on this point one way or the other. Secondly I'm not sure I understand the split mode example in the draft. The zone being made is the backend.example.com zone, but the data for that zone seems to come from the load balancer machine. However, the load balancer machine has to know its own ECHConfig value (after all the REAL backend took that data from there) plus all the other relevant bits of the HTTPS record. Why does the REAL backend.example.com need to compute any part of the HTTPS record? Once that's computed, the zone builder talks to the client facing server to put the DNS data on example.com. However it's talking to cf.lb.example to get that DNS data. I think it would make slightly more sense for the zone factory to talk to the REAL backend and put that data in for example.com. This way it's clear how the administrative ownership and flow of data are aligned. In Security Considerations I see "Similarly, a ZF that also has write access to A/AAAA RRs for a backend, SHOULD NOT publish HTTPS RRs that contain ipv4hints or ipv6hints that are in conflict with the correct A/AAAA values unless those have been verified (via webPKI) as belonging to the same backend". To my mind this is written incorrectly: its not the backend that has the IP, but the hostname we'd like to resolve consistently. And that brings me to another point: the processing done by the backend in creating this file in split mode is rather underspecified. It should just be copying the correct configuration from cf.lb.example. The CDN/load balancer/etc knows how to set up DNS for it to work right, the only thing backend.example.com can do is mess it up. Lastly, and I'm not a DNS person by any means, I seem to remember that CNAME is the only record allowed on a zone, and CNAME would resolve the HTTPS record. So what exactly is the setup here that gets the right A and AAAA records for the backend.example.com and uses the CDN? If this only applies to cases where IPs are specified by customers, it will be a very narrow situation. Or are we anticipating HTTPS only CDNS (will never happen for install base/compatibility reasons)? I know this got discussed in the adoption call but sadly my archive searching skills are not finding the relevant emails. Sincerely, Watson -- Astra mortemque praestare gradatim
- [TLS] Comments on draft-ietf-tls-wkech-09 Watson Ladd
- [TLS] Re: Comments on draft-ietf-tls-wkech-09 Stephen Farrell
- [TLS] Re: Comments on draft-ietf-tls-wkech-09 Watson Ladd
- [TLS] Re: Comments on draft-ietf-tls-wkech-09 Ted Hardie
- [TLS] Re: Comments on draft-ietf-tls-wkech-09 Watson Ladd
- [TLS] Re: Comments on draft-ietf-tls-wkech-09 Ted Hardie
- [TLS] Re: Comments on draft-ietf-tls-wkech-09 Watson Ladd
- [TLS] Re: Comments on draft-ietf-tls-wkech-09 Ted Hardie
- [TLS] Re: Comments on draft-ietf-tls-wkech-09 Stephen Farrell