[TLS] Roman Danyliw's Yes on draft-ietf-tls-esni-24: (with COMMENT)
Roman Danyliw via Datatracker <noreply@ietf.org> Fri, 02 May 2025 14:08 UTC
To: The IESG <iesg@ietf.org>
CC: draft-ietf-tls-esni@ietf.org, tls-chairs@ietf.org, tls@ietf.org, jsalowey@gmail.com
Reply-To: Roman Danyliw <rdd@cert.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/xuJ96gxO2ZBAwSLWDVqKPUMPAWI>

Roman Danyliw has entered the following ballot position for
draft-ietf-tls-esni-24: Yes

When responding, please keep the subject line intact and reply to all
email addresses included in the To and CC lines. (Feel free to cut this
introductory paragraph, however.)

Please refer to https://www.ietf.org/about/groups/iesg/statements/handling-ballot-positions/
for more information about how to handle DISCUSS and COMMENT positions.

The document, along with other ballot positions, can be found here:
https://datatracker.ietf.org/doc/draft-ietf-tls-esni/

----------------------------------------------------------------------
COMMENT:
----------------------------------------------------------------------

Thank you to Pete Resnick for the GENART review.

** Section 8.2. Recommend explicitly documenting that the WG considered the
impact of ECH’s design to current operational security practices. There was
feedback after the publication of TLS v1.3 that such practices were not
considered (even though they were).

OLD
Some use cases which depend on information ECH encrypts may break with the
deployment of ECH.

NEW (roughly)
Some use cases which depend on information ECH encrypts may break with the
deployment of ECH. This includes operational security practices in the
enterprise that depend on the SNI for policy enforcement, audit or network
visibility.

** From idnits:
** Obsolete normative reference: RFC 6125 (Obsoleted by RFC 9525)

Should RFC9525 be used instead of RFC6125 in Section 6.1.7? If not, why not?