IETF Logo Mail Archive

[TLS] Re: Mohamed Boucadair's Discuss on draft-ietf-tls-svcb-ech-07: (with DISCUSS and COMMENT)

Stephen Farrell <stephen.farrell@cs.tcd.ie> Wed, 30 April 2025 19:52 UTC

Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id 07230234D3F9; Wed, 30 Apr 2025 12:52:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=0.001, RCVD_IN_VALIDITY_RPBL_BLOCKED=0.001, RCVD_IN_VALIDITY_SAFE_BLOCKED=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietf.org (amavisd-new); dkim=pass (2048-bit key) header.d=cs.tcd.ie
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietf.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id lyyQJdeZCNf3; Wed, 30 Apr 2025 12:52:11 -0700 (PDT)
Received: from EUR02-VI1-obe.outbound.protection.outlook.com (mail-vi1eur02on2127.outbound.protection.outlook.com [40.107.241.127]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-384) server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id DF31C234D3EB; Wed, 30 Apr 2025 12:52:10 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=NdE9zXd5/Dx9IWHsV9Bint0H2eBa/Ov0B+oo2/d/eaICiXPvLphoguRvmtMd2GLyKry5h2hnWLcvP+hNFqHu7hgGF7RuC1XDkKu/2RAzwHzjkzD6I9fPgdwVMbn/h9ybiQs+CZXkKjoNODeGcsJYycOWrRM0YMOCkuU/3DxsCPyyVkjW5YdKBFb/kWzA2EdaXLf/nYHlMS5e9MCpKrOrCa1rmnDDehU51cN/t7jGveVXGhoONbv89Pe0TprEO6zxF9qh8+EmrfZ29g0i37nnX/peI1H7b14y4nrq9+YD1fKPG1fz4AoxfSNnBmjzd5G0Yg3UjrWCeC1jS7bch4KX0A==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=jTEmki8T7truimb1lCaphhFQoD/vbdrqOpVyZKYjUA4=; b=SUECQ7woyHW/WtlifoU27OyUkPaVqjgSNAwMDsTBVwnvZfnm7ySJNFIpp+qpYIxGmNjs/cuvBZ5iikGsllNLgP0FoBPDZzMbWyMAaRodURp22N6dfOQMD/8/YI//BO9YgvX7yzoXgUbdpEN5V+bDlZzBWT5IHM8m65lExeza3zEoWSLiziygEnpOm16aNzSI/W8mo+1dBDQdvwsuyChS/B8vU4UljnwxnA8wuk01NjabJRrWBMveanXIeFZBONGjMt7GBnH8drvIAYMRYwb6jdIYcxVm/a1ZrRCu9x9oR/pmWDwUajB6Vk7cpdCAh+h83ARRxFY9X4N50IXRxyCr3A==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cs.tcd.ie; dmarc=pass action=none header.from=cs.tcd.ie; dkim=pass header.d=cs.tcd.ie; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cs.tcd.ie; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=jTEmki8T7truimb1lCaphhFQoD/vbdrqOpVyZKYjUA4=; b=eNBIya51TaDzeeUIwKlWtdgly2zjRWImfaxSH4zttjb5/ZcnetLoeBWVKVTGbU/RXf22spRH+rOneHRv0X3LbgmXdF7frmSXyVvEzEXk+dIpyCEjpUIgvHH13qU0uAJmnkAR61zHjuW8uvDUaojFna7pnBMnPUbOq2nvnwbMFnCuARGx67hHIOT+sp6oab1HywyVBI7WN3O+IDll5BozqAhBcWR50OTzlJsEKIUoDXtOFqML5uMrLIjCnPtJH/ycIuHL/VqRzLvsHn2hBkZRuepcIi8Y6mklfGxSzFSEHJEpdpzgZcl0tly0qGQrOj/Q4taqC6u8XWc3skCNlTwalQ==
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cs.tcd.ie;
Received: from DB8PR02MB5946.eurprd02.prod.outlook.com (2603:10a6:10:11c::16) by AM9PR02MB6595.eurprd02.prod.outlook.com (2603:10a6:20b:2c8::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.8699.21; Wed, 30 Apr 2025 19:52:08 +0000
Received: from DB8PR02MB5946.eurprd02.prod.outlook.com ([fe80::e0d3:772e:a68d:d54a]) by DB8PR02MB5946.eurprd02.prod.outlook.com ([fe80::e0d3:772e:a68d:d54a%4]) with mapi id 15.20.8699.019; Wed, 30 Apr 2025 19:52:08 +0000
Message-ID: <b32e4746-9c34-4f43-87aa-dbeecaf8d721@cs.tcd.ie>
Date: Wed, 30 Apr 2025 20:52:06 +0100
User-Agent: Mozilla Thunderbird
To: Ben Schwartz <bemasc=40meta.com@dmarc.ietf.org>, The IESG <iesg@ietf.org>, Mohamed Boucadair <mohamed.boucadair@orange.com>
References: <174602502787.209839.15198947055297433739@dt-datatracker-9c7687889-5mqnr> <SA1PR15MB43706025857BC5AD233E60DCB3832@SA1PR15MB4370.namprd15.prod.outlook.com>
Content-Language: en-US
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Autocrypt: addr=stephen.farrell@cs.tcd.ie; keydata= xjMEY9GzphYJKwYBBAHaRw8BAQdAo6JvjmSbxHdQWPZdvciQYsHhM1NxQBU398Mmimoy4p7N M1N0ZXBoZW4gRmFycmVsbCAoMjU1MTkpIDxzdGVwaGVuLmZhcnJlbGxAY3MudGNkLmllPsKQ BBMWCAA4FiEEMG54R8tZDyZFrDOn5Njp+ZeoM90FAmPRs6YCGwMFCwkIBwIGFQoJCAsCBBYC AwECHgECF4AACgkQ5Njp+ZeoM93bogEA25ElRyX0wwg+kGEN1AoL60MoZfvQZ/VtmXY6IC5j +csBAIBpkL5ySuzJK2zLNZn9qQGht8IaUcA7cvDcLvS2uHUEzjgEY9GzphIKKwYBBAGXVQEF AQEHQILCPWOwW36e8D3pY8GmvvtItIT+A5uV80ist+WokVsQAwEIB8J4BBgWCAAgFiEEMG54 R8tZDyZFrDOn5Njp+ZeoM90FAmPRs6YCGwwACgkQ5Njp+ZeoM92bcAEA8R+8cpqRUIS+SoAN iO05xE6O/wEx8/e88BqzAYki3SoBAOQdwiPX+MQrAxkWD8xxOsdMOAtxYKpkD1n8aPJUw6QJ
In-Reply-To: <SA1PR15MB43706025857BC5AD233E60DCB3832@SA1PR15MB4370.namprd15.prod.outlook.com>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="------------bUKAgafng2oLp1C1GhEw1fHh"
X-ClientProxiedBy: DUZPR01CA0127.eurprd01.prod.exchangelabs.com (2603:10a6:10:4bc::13) To DB8PR02MB5946.eurprd02.prod.outlook.com (2603:10a6:10:11c::16)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: DB8PR02MB5946:EE_|AM9PR02MB6595:EE_
X-MS-Office365-Filtering-Correlation-Id: 79702a68-6516-4db4-9a6c-08dd88207d5a
X-MS-Exchange-SharedMailbox-RoutingAgent-Processed: True
X-TCD-Routed-via-EOP: Routed via EOP
X-TCD-ROUTED: Passed-Transport-Routing-Rules
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;ARA:13230040|1800799024|376014|366016|10070799003;
X-Microsoft-Antispam-Message-Info: ZCWymob533S4HPSus4C/tcASHakqyiKU2qJnzJQ2g1+3uZOVa1BKBZV9pvF9v+wZiOlcbVu+znmJHnTyZoV0TCR3oXpqiI2cVPUnTUo7t+KBLoFo+7I96qRM9tU0kC9ssLB0O0uMI30uzT29Av913LO7B23rJVCNaMMJVYTVGZpmB5JALonJApk53VFJpR26yd5GoDRHdFZjNywhgJYLx9pzWpQHjHXnNZa3Q/vG5gLcMN056zKXnJTvVNBakCr/6j23IhkpEZFYvcJDljI3nuZeOzxUh/MuFCkASGLkESyLPEmexRbiox5D9xPO8UsUJ6QSi+Mw0I2m+6ng/C3Xb/eqmyjxCuxN8VJ7XvT0heKIHf5702mZXNHuZ1Al4pXOF+VUTK1FvooiNurL4Q/K4UfXw5zhknmfhLDdrHxeWrnzzU8dEK9Ia8HsBicLb0zS2fKdh+QKJK0KM5u8TSSmOk2j7kW6sKmjlc/DUcM2YaWyOY8obQsqdXPhc2T8sJM0ZvlHZQNIijt5NBtT1uFAJUoF6CzqhLm1l2LzbohNJdP/NsKNjiamTrzhx80S7OfBs/08z167i/YgNO30kxqCrGy9aZuOZLffcc3WPY0r/yLLXIocEeaVLv2Uzdh43Od9b+M1Z44rvHBqx8A1V8v/8Z827VxFKdoDhpr6C34eLUHMsXOVe9e8ts8i4tE0pmFk1s820WeSDvF2fvyzK0MZQlvxLszRf77rxLPSNEjpRllB/mh4yPDP18VkWtn1hT+mqX3klDzbjsuxrBibnHSh43uVBR40kECfCx2wlN1t0oYjZzHtbsHhQFFopVCi3Nl9Dbyx4T5/g2elAR5kIMKeOsL43iYybnnE5mMotXjxXbpifWr+zCpm9j5U9RictmmrQXLzZK0K0aX18ySCq+SRkPyj25uN98u0PpVPDMC4ruN4JMDE4oncLXG9519Pj7gUxAUYQvBhdmHZRstxTj79zFzdyseTCBzeq8CckK694v+H/50q65nG3s8U7SiECTM+ERveQZPgv+xFU7cNeldzk08eY7EmfFflCbojAYsXeyZA215LInVIMCkVHa9JwbmaBEcpfhk4a9wrCsZA+BS6VrYx14xHCYHTw0vGab0F8t8blP04QcPdQL/r2JEpDuorasEhwf1ZEl8rt5UPeY9QgjJY1umK9vV6Ho9gQBwlRQmq+fQ+7tXCrPA9K/UHsFwvUexRqeUgUs3B3lb53GhB1MVyCv+HjxRrFHbkaSIHC//dSZSdkK3GMU8uCG0vkyFFFgeAnj3XlTKGz/jAVO9oJWkOUjXEpjMv1rpwQdbyZbRRm7VIR19/n/Tv57/Rk5yFJJGjCnb00nysZ0sAiPkInnNPyv9KD6tTp6r8bn5cP0W2LBV4Ol83eUDDmM4C5tH8jGyI0fNtJc0CP0AU2ErKJkJ+HFgTPF80+Cn5mGQqDeY=
X-Forefront-Antispam-Report: CIP:255.255.255.255;CTRY:;LANG:en;SCL:1;SRV:;IPV:NLI;SFV:NSPM;H:DB8PR02MB5946.eurprd02.prod.outlook.com;PTR:;CAT:NONE;SFS:(13230040)(1800799024)(376014)(366016)(10070799003);DIR:OUT;SFP:1102;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: cmNlX/sp+o0pl2buJG7zAe3dUUavyGin3TFdfzDjvMw9jie2CXASPbu8kFqIP6U3pAV/9Hj5qOCxA9DhtoAQkk6NUy6n9BdrAcb4pGJ0gmp1IRe/QMJzmqvNM2eVrIj9sGusAxP5E0KcSLQSp4//HVrTyKBHuel2GwjrFH8QRKB2aJ+OIWjit6bWSvu4aZaFetJpxYO3A4aDGIh/Zm9vwVHiRGx1bnXECGze8yxxB6HcZBGsZ3260/icPobRxyTkCuuVy2aGyfBn09GGC+n/Gm0KRkRFO/Hu+ipF07ShgASDJ6HUeewfykkpnXITtgQIt6yGAYUIKSFMuxOiqnZYyYlrKNmzfT3GM8WF6BTP2aUxe6ICOPL4g+tozbVIe6WUxS/Lt7P96m2qcByy9rjd9R9pQUl9nWSRsZOf1kf5AVADqfM9oyvpIFWxNIQKP7fdhfHcjPH0Urq+8+fY3520aqWaZHrKjOwN5q2IJdMFEP+NPALjspaJgpGDZ8co0fz+xiqhC2ZE8420PcnEl8m+ucwRMNZG7eTd6AHojnS8TGiLSeWo6XOwtziTjHCo3+6lyW2SdC90UF/oR1XqUIiZDU3USOcorn5GEzK2jl8UO/1zV0suLEIgsUk56FbRep+KLJOfUNObcRRVZC6QkwtSkizddyqafMWR919DwefV4oLvLLXd9No5Nghnu+5Bjy2fpkMB7prsu9e1LWhmtLF/H/k+1v+A2roNpGRnoRdB+JzROgyx6tEFweGQa2aUAvNIsOZgmlazSYFFaOvP52uLrX50YwlG4S1HgUnd2kFJZpcqeJKvI0nd6PnCdFsRjabyYsZK42w5fjBTmwa5pIFtbBPhr8v4B3Q3uH2cckPiz2Oej2M6X0UxmOJjwM+YKgwkUDAxFh8jxtMzR3R2FZXLStCrb1iScr3ifx2g/AYLC0i3e4i2hjKWCUtA5V0MO6Djh8h3Vl/LGUWmXppFe7At+nWmwuZ0EF6e8hL8RBQYTbfJSfcm2kK8sbqL0Lnd1tKY+1owGX0HnjW8vLdt3EyUstKSqnHjVWtAitW3pdV5aYAG8mq4Q3mQzyGJgE6XvzOymn+FYebmCdxgHF2XW7yLLb+Qj33c2srJ1Wx04F/YdCkTswVBdooH5xJpWtcm6w0VwOQHLjsdVkTTIBMsbbpsAy6tyt6LiMxbd5gnPMIsLXY88tgZam8QlYyCLlUDYZ3zIytl+AFmPNQ3cqkFwoODm/VkpxaqEcTAGeRArMUV5+KI9XEMZs2iKyUQD9ISux2Qesti9oscTvCQA+gLhPT7tJhtxEtKd+VnMa5e/u8Zz919OyS3zcT8KZFG8VFRxMAXfzMppmYe2x0xf1GXEeyDzp18aTwGpRe3R3jwyHHoqDaImTRPa5PzJQfloJe4jvID28vQRebR0CcJA7KbmCXxBDMpyVEThHwtVzLa7NjU/9AF9sdOxVhGJluvHaxfpyTNDWczI7tvQ0aM/7se0L6So+kWF579giqkGhQIz5+VvFLt82DGcDXS8zJ0at4ec9iVTKxCvVIhqugBDbrRWbcyhA3oNGU7eXRV6mgyPQ7CjQ54zAneaPIJUazWe4PoXfIE+OSZiLu7rDOJ53jKZbOlYi2I5S2JGsxU7vgjKbh03goygd2y7yGfx3w09PDEmYDy
X-OriginatorOrg: cs.tcd.ie
X-MS-Exchange-CrossTenant-Network-Message-Id: 79702a68-6516-4db4-9a6c-08dd88207d5a
X-MS-Exchange-CrossTenant-AuthSource: DB8PR02MB5946.eurprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 30 Apr 2025 19:52:08.0806 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: d595be8d-b306-45f4-8064-9e5b82fbe52b
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: C35ucTbS+6wvcXE1jhJDvF/bNK18vT9lIq2V8iK41anih2MEiKemyJMublvvnCrO
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM9PR02MB6595
Message-ID-Hash: Q2S642OWZB2LDPLXAU4TR3VNCEEQRUOP
X-Message-ID-Hash: Q2S642OWZB2LDPLXAU4TR3VNCEEQRUOP
X-MailFrom: stephen.farrell@cs.tcd.ie
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "draft-ietf-tls-svcb-ech@ietf.org" <draft-ietf-tls-svcb-ech@ietf.org>, "tls-chairs@ietf.org" <tls-chairs@ietf.org>, "tls@ietf.org" <tls@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: Mohamed Boucadair's Discuss on draft-ietf-tls-svcb-ech-07: (with DISCUSS and COMMENT)
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/tMP66RJljRr_6ggnS23nlxGMLic>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>


On 30/04/2025 19:58, Ben Schwartz wrote:
> "This specification is implemented today by Chrome, Firefox, and Safari [1],

And curl. [3]

> and is deployed on all Cloudflare free tier domains [2]."

And a bunch of test domains I host:-)

S.

[3] https://github.com/curl/curl/blob/master/docs/ECH.md

v2.34.0 | Report a Bug | By Email | System Status