Hi folks,

Below are two PRs that seek to address the multi-CDN issue discussed on this list and in meetings:

1. https://github.com/tlswg/draft-ietf-tls-esni/pull/136
2. https://github.com/tlswg/draft-ietf-tls-esni/pull/137

#136 implements the combined or stapled record approach discussed several times, most recently in [1]. It includes these via an ESNIKeys extension.

#137 builds on this design with a mechanism that lets clients detect and recover from A/AAAA and ESNI mismatch (if desired). It is certainly more complex in several respects.

A third variant, which is not (yet) in PR form, is a simplification of #137 wherein ESNIKeys addresses are only used as filters, instead of filters *or* complete addresses.

We are asking for feedback on these PRs, as we would like to merge one of them for the next draft version. As #136 is simpler and permits extensibility, that is the current preference.

Thanks in advance for your feedback.

Best,
Chris (no hat, on behalf of the authors)

[1] https://mailarchive.ietf.org/arch/msg/tls/WXrPgaIsIPItDw3IQthmJk9VRlw
