________________________________
From: Linda Dunbar via Datatracker <[email protected]>
Sent: Wednesday, April 9, 2025 3:58 PM
To: [email protected] <[email protected]>
Cc: [email protected] <[email protected]>; [email protected] <[email protected]>; [email protected] <[email protected]>
Subject: Opsdir ietf last call review of draft-ietf-tls-svcb-ech-07
...

> Mixed SVCB RRSets with and without the “ech” parameter are vulnerable to
> downgrade attacks, yet may occur in multi-provider environments or during
> staged rollouts. Clear operational guidance is needed to mitigate these risks,
> such as prioritizing ECH-capable endpoints using SvcPriority. Deployments
> involving CDNs or multi-CDN setups add complexity around coordination of ECH
> keys and consistent DNS records, and would benefit from best practice
> recommendations.

This situation is addressed in detail already in the Security Considerations:
https://www.ietf.org/archive/id/draft-ietf-tls-svcb-ech-07.html#section-8-1.
I don't believe we have any further recommendations.

> Additionally, diagnosing ECH failures can be difficult due to the lack of
> fallback and visibility. The draft should recommend logging and monitoring
> strategies to help operators detect misconfigurations.

I don't believe we have any relevant recommendations for logging or monitoring.
Any such logging would likely not be related to the DNS records, so those
recommendations would be in draft-ietf-tls-esni or a later draft.

> Key rotation, TTL management, and rollback procedures are also important but
> not addressed.

draft-ietf-tls-esni does already discuss these topics:

Key rotation: https://datatracker.ietf.org/doc/html/draft-ietf-tls-esni#name-maintain-forward-secrecy
Rollback: https://datatracker.ietf.org/doc/html/draft-ietf-tls-esni#name-misconfiguration-and-deploy
_______________________________________________ TLS mailing list -- [email protected] To unsubscribe send an email to [email protected]
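The review's first point, a mixed RRSet in which some ServiceMode records carry "ech" and others do not, and the suggestion to put the ECH-capable endpoints at a better SvcPriority, lends itself to an operator-side check that can run against a zone file before a staged rollout is published. The script below is an added example, not code from this thread, from draft-ietf-tls-svcb-ech or from draft-ietf-tls-esni, and the lint rules it applies (MIXED_ECH, ECH_NOT_PREFERRED, ECH_MALFORMED, ALIAS_MIXED) are this editor's operational checks, not requirements stated by either draft. It parses HTTPS/SVCB records in standard presentation format, flags RRSets that mix ECH and non-ECH ServiceMode records, flags ECH endpoints that share or trail the SvcPriority of a non-ECH endpoint (equal-priority records are chosen among by the client, so an ECH endpoint at the same priority as a non-ECH one is not preferred), and sanity-checks each "ech" value as base64 whose outer two-byte ECHConfigList length prefix matches the payload. The sample records, owner and target names, and the ECHConfigList body (placeholder zero bytes behind a valid length prefix) are all constructed for the example.

```python
"""Lint an SVCB/HTTPS RRSet for ECH downgrade exposure.

Added example; not code from the mailing-list thread or the drafts it cites.
Finding codes (this script's own, not defined by any draft):
  MIXED_ECH          ServiceMode records both with and without "ech"
  ECH_NOT_PREFERRED  an ECH-capable endpoint is not at a strictly better
                     (numerically lower) SvcPriority than every non-ECH one
  ECH_MALFORMED      "ech" value is not base64, or its outer 2-byte
                     ECHConfigList length prefix does not match the payload
  ALIAS_MIXED        AliasMode (priority 0) mixed with ServiceMode records
"""
import base64
import binascii
import shlex
import struct
from dataclasses import dataclass, field


@dataclass
class SvcbRecord:
    owner: str
    priority: int
    target: str
    params: dict = field(default_factory=dict)

    @property
    def alias_mode(self) -> bool:
        return self.priority == 0          # SvcPriority 0 is AliasMode

    @property
    def has_ech(self) -> bool:
        return "ech" in self.params


def parse_svcb_line(line: str) -> SvcbRecord:
    """Parse OWNER [TTL] [CLASS] (HTTPS|SVCB) PRIORITY TARGET [key[=value]]..."""
    tokens = shlex.split(line)          # strips the quotes around alpn="h2,h3"
    for i, tok in enumerate(tokens):
        if tok.upper() in ("HTTPS", "SVCB"):
            break
    else:
        raise ValueError(f"not an SVCB/HTTPS record: {line!r}")
    params = {}
    for p in tokens[i + 3:]:
        key, _, value = p.partition("=")
        params[key.lower()] = value
    return SvcbRecord(tokens[0], int(tokens[i + 1]), tokens[i + 2], params)


def ech_value_problem(value: str):
    """Return None if value looks like a base64 ECHConfigList, else a reason.

    Only the outer length prefix is checked; the ECHConfig entries inside are
    not parsed. An empty value is reported as malformed by this check.
    """
    try:
        raw = base64.b64decode(value, validate=True)
    except (binascii.Error, ValueError):
        return "not valid base64"
    if len(raw) < 2:
        return "shorter than the 2-byte length prefix"
    (declared,) = struct.unpack("!H", raw[:2])
    if declared == 0 or declared != len(raw) - 2:
        return f"length prefix {declared} != payload length {len(raw) - 2}"
    return None


def lint_rrset(lines):
    """Return a list of (code, message) findings; an empty list means clean."""
    records = [parse_svcb_line(line) for line in lines]
    findings = []
    alias = [r for r in records if r.alias_mode]
    service = [r for r in records if not r.alias_mode]
    if alias and service:
        findings.append(("ALIAS_MIXED",
                         "AliasMode and ServiceMode records in one RRSet"))
    for r in service:
        if r.has_ech:
            problem = ech_value_problem(r.params["ech"])
            if problem:
                findings.append(("ECH_MALFORMED", f"{r.target}: {problem}"))
    with_ech = [r for r in service if r.has_ech]
    without_ech = [r for r in service if not r.has_ech]
    if with_ech and without_ech:
        findings.append(("MIXED_ECH",
                         f"{len(without_ech)} of {len(service)} ServiceMode "
                         "records lack ech; a client may be steered to them"))
        # Lower SvcPriority wins and equal priorities are chosen among by the
        # client, so every ECH endpoint must sit strictly below every non-ECH one.
        if max(r.priority for r in with_ech) >= min(r.priority for r in without_ech):
            findings.append(("ECH_NOT_PREFERRED",
                             "an ECH-capable endpoint shares or trails the "
                             "priority of a non-ECH endpoint"))
    return findings


# Constructed sample data. The ECHConfigList body is placeholder zero bytes;
# only the outer length prefix matters to this check.
_BODY = b"\x00" * 24
FAKE_ECH = base64.b64encode(struct.pack("!H", len(_BODY)) + _BODY).decode()

STAGED_ROLLOUT = [   # constructed: ECH on one CDN only, same priority as the other
    f'example.com. 3600 IN HTTPS 1 cdn-a.example.net. alpn="h2,h3" ech="{FAKE_ECH}"',
    'example.com. 3600 IN HTTPS 1 cdn-b.example.net. alpn="h2"',
    'example.com. 3600 IN HTTPS 2 origin.example.com. alpn="h2" port=8443',
]
REPRIORITISED = [    # constructed: ECH endpoint moved to a strictly better priority
    f'example.com. 3600 IN HTTPS 1 cdn-a.example.net. alpn="h2,h3" ech="{FAKE_ECH}"',
    'example.com. 3600 IN HTTPS 2 cdn-b.example.net. alpn="h2"',
    'example.com. 3600 IN HTTPS 3 origin.example.com. alpn="h2" port=8443',
]
TRUNCATED_KEY = [    # constructed: ech value cut short during a botched publish
    f'example.com. 3600 IN HTTPS 1 cdn-a.example.net. ech="{FAKE_ECH[:-8]}"',
]

if __name__ == "__main__":
    for name, rrset in (("staged", STAGED_ROLLOUT), ("reprioritised", REPRIORITISED),
                        ("truncated", TRUNCATED_KEY)):
        print(name, lint_rrset(rrset) or "clean")
```

Note that reprioritising only removes ECH_NOT_PREFERRED; MIXED_ECH stays, because a client that is steered away from the ECH endpoint (or has it filtered by an on-path attacker who can drop records) still reaches a non-ECH endpoint. The only RRSet this check reports as clean is one where every ServiceMode record carries a well-formed "ech" value.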
