Re: [TLS] New Version Notification for draft-sbn-tls-svcb-ech-00.txt

Christopher Wood <caw@heapingbits.net> Mon, 13 March 2023 13:06 UTC


Thanks, Ben! We’ll put this on the agenda for discussion.

Best,
Chris, for the chairs

> On Mar 11, 2023, at 3:24 PM, Benjamin Schwartz <ietf@bemasc.net> wrote:
> 
> Hi TLS,
> 
> From its inception, draft-ietf-dnsop-svcb-https (the "SVCB/HTTPS record" draft) has described how to use these new DNS record types to convey Encrypted ClientHello public keys (via ECHConfigList).  This resulted in a normative dependency on draft-ietf-tls-esni.  However, draft-ietf-tls-esni is still under development, while draft-ietf-dnsop-svcb-https is otherwise ready for publication, and is in turn blocking the publication of a growing number of finished drafts that use the SVCB system.
> 
> The Responsible AD (Warren Kumari) has requested that we separate the Encrypted ClientHello dependency from draft-ietf-dnsop-svcb-https, in order to allow these documents to move forward.  We've moved that text into a new draft (below).  On the advice of the TLS and DNSOP chairs, we're bringing that draft to the TLS working group and seeking adoption.
> 
> Apart from introductory scene-setting, the language in this draft is largely extracted from draft-ietf-dnsop-svcb-https-11, which had already passed WGLC (in DNSOP), IETF LC, and IESG Review.
> 
> --Ben Schwartz
> 
> ---------- Forwarded message ---------
> 
> A new version of I-D, draft-sbn-tls-svcb-ech-00.txt
> has been successfully submitted by Ben Schwartz and posted to the
> IETF repository.
> 
> Name:           draft-sbn-tls-svcb-ech
> Revision:       00
> Title:          Bootstrapping TLS Encrypted ClientHello with DNS Service Bindings
> Document date:  2023-03-11
> Group:          Individual Submission
> Pages:          6
> URL:            https://www.ietf.org/archive/id/draft-sbn-tls-svcb-ech-00.txt
> Status:         https://datatracker.ietf.org/doc/draft-sbn-tls-svcb-ech/
> Html:           https://www.ietf.org/archive/id/draft-sbn-tls-svcb-ech-00.html
> Htmlized:       https://datatracker.ietf.org/doc/html/draft-sbn-tls-svcb-ech
> 
> 
> Abstract:
>    To use TLS Encrypted ClientHello (ECH) the client needs to learn the
>    ECH configuration for a server before it attempts a connection to the
>    server.  This specification provides a mechanism for conveying the
>    ECH configuration information via DNS, using a SVCB or HTTPS record.
> 
> The IETF Secretariat