Re: updating ECH keys from a web server

Given that this is a protocol for communication between an HTTP origin (as
the server) and the authoritative DNS server for its hostname (as the
client), I think we'll also need some input from DNSOP.

That context also helps me to see other things that might naturally fit
here, such as the list of supported HTTP versions (i.e. ALPN values), to
populate the HTTPS records correctly.

On Mon, Feb 21, 2022 at 8:39 PM Stephen Farrell <stephen.farrell@cs.tcd.ie>
wrote:

>
> Hiya,
>
> TL;DR: I'm hoping to get feedback from httpbis folks
> related to draft-farrell-tls-wkesni [1].
>
> The TLS WG is well down the (long;-) road developing the
> encrypted client hello (ECH) spec. [2] I implemented [3]
> that and as part of that, to support rotating ECH keys, I
> needed to implement a way to get newly generated keys into
> the DNS, within HTTPS RRs (or SVCB RRs) according to [4].
> So I implemented [1] which allows a web server to make its
> current set(s) of ECH keys available to DNS infrastructure
> via a .well-known URL. (In my case the web server has no
> dynamic DNS API, hence the need for something more.)
> This leaves control of the ECH private values with the
> web server (admins), which seems desirable in many cases,
> and control over modifying zone files to DNS admins which
> also seems desirable.
>
> This was briefly discussed at a few TLS WG sessions, but
> hasn't yet been "adopted." In part, that's because it's
> not clear whether or not this is a sufficiently useful
> way to handle the task, nor whether some web server
> administrators might be more interested in other tooling
> that might include this kind of feature.
>
> So, I'd appreciate feedback as to whether this seems like
> a useful tool to be in the toolbox or whether something
> else might be more useful, in particular for web server
> admins who don't have a dynamic DNS API available and for
> implementers developing web servers that need to support
> such deployments.
>
> Thanks,
> Stephen.
>
> [1] https://datatracker.ietf.org/doc/draft-farrell-tls-wkesni/
> [2] https://datatracker.ietf.org/doc/draft-ietf-tls-esni/
> [3] https://defo.ie/
> [4] https://datatracker.ietf.org/doc/draft-ietf-dnsop-svcb-https/
>

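The flow the quoted message describes (origin publishes its current ECHConfigList at a .well-known URL; DNS-side tooling pulls it and writes HTTPS RRs, with the ALPN list mentioned in the reply) is shown below as an added example. It is illustrative code written for this page, not the draft-farrell-tls-wkesni tooling or the defo.ie implementation. The JSON field names ("endpoints", "priority", "target", "port", "regeninterval", "alpn", "ech") are assumptions for the example rather than the draft's schema, and the public key is filler bytes, not a real X25519 key. The ECHConfig wire layout follows draft-ietf-tls-esni (version 0xfe0d) and the record syntax follows draft-ietf-dnsop-svcb-https. The point a DNS admin would want is the validation step: the blob is fully parsed before anything is emitted, so a truncated or corrupt key file on the web server cannot end up in the zone.

```python
# Added example (not code from draft-farrell-tls-wkesni or defo.ie): take the
# ECHConfigList a web server exposes at its .well-known URL and emit the HTTPS RR
# a DNS admin would put in the zone, after checking that the blob actually parses.
# ASSUMPTIONS: the JSON field names ("endpoints", "priority", "target", "port",
# "regeninterval", "alpn", "ech") are illustrative, not the draft's schema; the
# public key is filler bytes, not a real X25519 key.
import base64
import struct

ECH_VERSION = 0xFE0D            # ECHConfig.version in draft-ietf-tls-esni
KEM_X25519_HKDF_SHA256 = 0x0020
KDF_HKDF_SHA256 = 0x0001
AEAD_AES_128_GCM = 0x0001


def build_echconfig_list(config_id, public_name, public_key):
    """Encode a single version-0xfe0d ECHConfig as an ECHConfigList (what a server publishes)."""
    suites = struct.pack("!HH", KDF_HKDF_SHA256, AEAD_AES_128_GCM)
    key_config = (struct.pack("!BHH", config_id, KEM_X25519_HKDF_SHA256, len(public_key))
                  + public_key + struct.pack("!H", len(suites)) + suites)
    contents = (key_config
                + struct.pack("!BB", 0, len(public_name)) + public_name  # maximum_name_length=0, public_name
                + struct.pack("!H", 0))                                   # no extensions
    config = struct.pack("!HH", ECH_VERSION, len(contents)) + contents
    return struct.pack("!H", len(config)) + config


def parse_echconfig_list(data):
    """Parse an ECHConfigList; raise ValueError on any framing error so a broken
    or truncated blob is never copied into the zone file."""
    try:
        (total,) = struct.unpack("!H", data[:2])
        if total == 0 or 2 + total != len(data):
            raise ValueError("ECHConfigList length does not match payload")
        body, pos, configs = data[2:], 0, []
        while pos < len(body):
            version, length = struct.unpack("!HH", body[pos:pos + 4])
            c = body[pos + 4:pos + 4 + length]
            if len(c) != length:
                raise ValueError("truncated ECHConfig")
            pos += 4 + length
            if version != ECH_VERSION:
                continue                      # unknown versions are skipped, not fatal
            config_id, kem_id, pk_len = struct.unpack("!BHH", c[:5])
            off = 5
            public_key, off = c[off:off + pk_len], off + pk_len
            (suites_len,) = struct.unpack("!H", c[off:off + 2])
            off += 2
            suites, off = c[off:off + suites_len], off + suites_len
            if pk_len == 0 or len(public_key) != pk_len or suites_len < 4 or suites_len % 4:
                raise ValueError("malformed HpkeKeyConfig")
            max_name_len, name_len = c[off], c[off + 1]
            off += 2
            public_name, off = c[off:off + name_len], off + name_len
            (ext_len,) = struct.unpack("!H", c[off:off + 2])
            off += 2
            if name_len == 0 or len(public_name) != name_len or off + ext_len != len(c):
                raise ValueError("malformed ECHConfigContents")
            configs.append({
                "config_id": config_id, "kem_id": kem_id, "public_key": public_key,
                "cipher_suites": [struct.unpack("!HH", suites[i:i + 4]) for i in range(0, suites_len, 4)],
                "maximum_name_length": max_name_len, "public_name": public_name.decode("ascii"),
            })
    except (struct.error, IndexError, UnicodeDecodeError) as e:
        raise ValueError("malformed ECHConfigList: %s" % e)
    if not configs:
        raise ValueError("no usable ECHConfig in list")
    return configs


def https_rr_lines(owner, wellknown, default_ttl):
    """Turn the well-known document into HTTPS RR presentation-format lines.
    TTL is capped at the endpoint's regeninterval so cached records age out
    before the server rotates the key."""
    lines = []
    for ep in wellknown["endpoints"]:
        raw = base64.b64decode(ep["ech"], validate=True)
        parse_echconfig_list(raw)            # reject before it reaches the zone
        params = []
        if ep.get("alpn"):
            params.append('alpn="%s"' % ",".join(ep["alpn"]))
        if ep.get("port", 443) != 443:       # absent port means the default port
            params.append("port=%d" % ep["port"])
        params.append('ech="%s"' % base64.b64encode(raw).decode("ascii"))
        ttl = min(default_ttl, ep.get("regeninterval", default_ttl))
        lines.append("%s %d IN HTTPS %d %s %s" % (owner, ttl, ep["priority"],
                                                  ep.get("target", "."), " ".join(params)))
    return lines


# Constructed sample: what the origin would serve at its .well-known URL.
SAMPLE_LIST = build_echconfig_list(7, b"cover.example", bytes(range(32)))
SAMPLE_ECH_B64 = base64.b64encode(SAMPLE_LIST).decode("ascii")
SAMPLE_WELLKNOWN = {"endpoints": [{"priority": 1, "target": ".", "port": 443,
                                   "regeninterval": 1800, "alpn": ["h2", "http/1.1"],
                                   "ech": SAMPLE_ECH_B64}]}

if __name__ == "__main__":
    for line in https_rr_lines("example.com.", SAMPLE_WELLKNOWN, 3600):
        print(line)
```

In a real deployment the fetch itself should be over HTTPS with certificate validation, since the well-known document is what authorises the key that ends up in the zone; the public_name parsed out of each config is also worth comparing against the name the origin's certificate actually covers before publishing.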
Received on Tuesday, 22 February 2022 15:58:54 UTC