From: Linda Dunbar via Datatracker <noreply@xxxxxxxx>
Sent: Wednesday, April 9, 2025 3:58 PM
To: ops-dir@xxxxxxxx <ops-dir@xxxxxxxx>
Cc: draft-ietf-tls-svcb-ech.all@xxxxxxxx <draft-ietf-tls-svcb-ech.all@xxxxxxxx>; last-call@xxxxxxxx <last-call@xxxxxxxx>; tls@xxxxxxxx <tls@xxxxxxxx>
Subject: Opsdir ietf last call review of draft-ietf-tls-svcb-ech-07
...
> Mixed SVCB RRSets with and without the “ech” parameter are vulnerable to
> downgrade attacks, yet may occur in multi-provider environments or during
> staged rollouts. Clear operational guidance is needed to mitigate these risks,
> such as prioritizing ECH-capable endpoints using SvcPriority. Deployments
> involving CDNs or multi-CDN setups add complexity around coordination of ECH
> keys and consistent DNS records, and would benefit from best practice
> recommendations.
This situation is addressed in detail already in the Security Considerations:
https://www.ietf.org/archive/id/draft-ietf-tls-svcb-ech-07.html#section-8-1. I don't believe we have any further recommendations.
> Additionally, diagnosing ECH failures can be difficult due to the lack of
> fallback and visibility. The draft should recommend logging and monitoring
> strategies to help operators detect misconfigurations.
I don't believe we have any relevant recommendations for logging or monitoring. Any such logging would likely not be related to the DNS records, so those recommendations would be in draft-ietf-tls-esni or a later draft.
> Key rotation, TTL
> management, and rollback procedures are also important but not addressed.
draft-ietf-tls-esni does already discuss these topics:
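The reviewer's first point (mixed RRSets and ordering ECH-capable endpoints ahead of the rest via SvcPriority) and the multi-CDN point about keeping ech values consistent both lend themselves to an operator-side pre-publication check. The following is an added example written for this thread; it is not code from the draft, from the reviewer, or from the draft authors, and the rule it enforces (every ECH-capable ServiceMode record must have a strictly lower SvcPriority than every non-ECH record, and a given TargetName must not be advertised with two different ech values) is the reviewer's suggestion as I read it, not a quotation of the draft's Section 8.1 text. The record lines are constructed; the ech values are placeholders, not real ECHConfigLists.

```python
from dataclasses import dataclass, field
from typing import Dict, List


@dataclass
class SvcbRecord:
    """One SVCB/HTTPS record in a constructed in-memory form (not wire format)."""
    priority: int                  # SvcPriority: 0 = AliasMode; otherwise lower = more preferred
    target: str                    # TargetName
    params: Dict[str, str] = field(default_factory=dict)   # SvcParamKey -> presentation value

    @property
    def has_ech(self) -> bool:
        return "ech" in self.params


def parse_presentation(line: str) -> SvcbRecord:
    """Parse the RDATA of one presentation-format record, e.g.
    '1 cdn-a.example. alpn=h2 ech=AAAAconfigA'.
    Handles unquoted key=value items and bare keys only; this is a helper for the
    lint below, not a full RFC 9460 presentation-format parser."""
    priority, target, *raw_params = line.split()
    params: Dict[str, str] = {}
    for item in raw_params:
        key, _, value = item.partition("=")
        params[key] = value
    return SvcbRecord(int(priority), target, params)


def lint_rrset(lines: List[str]) -> Dict[str, str]:
    """Return finding-code -> message for one RRSet given as presentation lines.

    Codes:
      mixed              both ECH-capable and non-ECH ServiceMode records present
      downgrade          some non-ECH record is at least as preferred as some
                         ECH-capable record (ECH records not strictly lower SvcPriority)
      inconsistent:<t>   the same TargetName is advertised with different ech values
    An empty dict means nothing to report.
    """
    records = [parse_presentation(ln) for ln in lines]
    service = [r for r in records if r.priority != 0]   # AliasMode records carry no SvcParams
    ech = [r for r in service if r.has_ech]
    plain = [r for r in service if not r.has_ech]
    findings: Dict[str, str] = {}

    if ech and plain:
        findings["mixed"] = (f"{len(ech)} ECH-capable and {len(plain)} non-ECH "
                             "ServiceMode records in one RRSet")
        least_preferred_ech = max(r.priority for r in ech)
        most_preferred_plain = min(r.priority for r in plain)
        if least_preferred_ech >= most_preferred_plain:
            findings["downgrade"] = (
                f"non-ECH record at SvcPriority {most_preferred_plain} is preferred over or "
                f"tied with an ECH-capable record at SvcPriority {least_preferred_ech}; "
                "give every ECH-capable record a strictly lower SvcPriority")

    # Same target, different ech values: typically a stale config left behind by key rotation
    by_target: Dict[str, set] = {}
    for r in ech:
        by_target.setdefault(r.target, set()).add(r.params["ech"])
    for target, configs in sorted(by_target.items()):
        if len(configs) > 1:
            findings[f"inconsistent:{target}"] = (
                f"{len(configs)} distinct ech values advertised for {target}")
    return findings


# Constructed RRSets for illustration (placeholder ech values, not real ECHConfigLists)
STAGED_ROLLOUT = [                         # mixed, but ECH endpoint strictly preferred
    "1 cdn-a.example. alpn=h2 ech=AAAAconfigA",
    "2 cdn-b.example. alpn=h2",
]
WRONG_PRIORITY = [                         # mixed, and the non-ECH endpoint wins
    "1 cdn-b.example. alpn=h2",
    "2 cdn-a.example. alpn=h2 ech=AAAAconfigA",
]
ROTATION_DRIFT = [                         # one target, two ech values
    "1 cdn-a.example. alpn=h2 ech=AAAAconfigA",
    "1 cdn-a.example. alpn=h2 ech=AAAAconfigB",
]
ALL_ECH = [
    "0 svc.example.",                      # AliasMode record, ignored by the lint
    "1 cdn-a.example. alpn=h2 ech=AAAAconfigA",
]

if __name__ == "__main__":
    for name, rrset in [("staged", STAGED_ROLLOUT), ("wrong-priority", WRONG_PRIORITY),
                        ("rotation-drift", ROTATION_DRIFT), ("all-ech", ALL_ECH)]:
        print(name, lint_rrset(rrset) or "ok")
```

Running this against the four constructed RRSets shows the staged rollout flagged as mixed but not as a downgrade risk, the wrongly ordered set flagged for both, the rotation case flagged as inconsistent for cdn-a.example., and the all-ECH set passing clean. The check deliberately uses the least preferred ECH record against the most preferred non-ECH one, so a single mis-prioritised ECH record is enough to trigger the downgrade finding.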