Hiya,
On 24/08/2022 00:39, 涛叔 wrote:
It may be right for a common cloud platform, but what about indie server? Every site who need ECH have to deploy an addition outer domain to*protect* the inner one. But these indie servers can not share a common outer domain, so the have to use some distinct one who doe one-to-one respond the inner one.
I don't believe that is the case. A small hoster can choose a "public_name" and use that for customers. An enterprise of whatever size can choose a "public_name" like example.com andthen use that and ECH to cover accesses to other internal names like accounts.example.com or hr.example.com. I know
there are a bunch of people who think by far the main value of ECH relates to CDNs, and they may be correct, but I tend to think the above approaches also have value. Cheers, S.
OpenPGP_0x5AB2FAF17B172BEA.asc
Description: OpenPGP public key
OpenPGP_signature
Description: OpenPGP digital signature
_______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
