[TLS]Re: I-D Action: draft-ietf-tls-svcb-ech-04.txt

Yaakov Stein <ystein@allot.com> Thu, 22 August 2024 06:40 UTC

From: Yaakov Stein <ystein@allot.com>
To: "tls@ietf.org" <tls@ietf.org>
Date: Thu, 22 Aug 2024 06:40:21 +0000
CC: "Salz, Rich" <rsalz=40akamai.com@dmarc.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/kWkuoMeaOtGyV3pU02191wOADHE>

Bootstrapping is REALLY not appropriate, since this is not TLS with ECH enabling itself,
but rather a DNS mechanism enabling ECH.

But the document is ready for LC.

Y(J)S


-----Original Message-----
From: Salz, Rich <rsalz=40akamai.com@dmarc.ietf.org>
Sent: Tuesday, August 20, 2024 8:00 PM
To: tls@ietf.org
Subject: [TLS]Re: I-D Action: draft-ietf-tls-svcb-ech-04.txt


I read the document [1].  I think it's ready for WGLC. I suggest one change. I find the use of "bootstrapping" in the title misleading.  I suggest "Enabling TLS Encrypted ClientHello via DNS Service Bindings."

[1] https://datatracker.ietf.org/doc/draft-ietf-tls-svcb-ech/

