Re: updating ECH keys from a web server from Stephen Farrell on 2022-02-22 (ietf-http-wg@w3.org from January to March 2022)

From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Date: Tue, 22 Feb 2022 17:13:46 +0000
To: Ben Schwartz <bemasc@google.com>
Cc: "ietf-http-wg@w3.org Group" <ietf-http-wg@w3.org>
Message-ID: <59a3c5bd-06d0-a3e1-41ce-cd97c28e8430@cs.tcd.ie>


Hi Ben,

On 22/02/2022 15:57, Ben Schwartz wrote:
> Given that this is a protocol for communication between an HTTP origin (as
> the server) and the authoritative DNS server for its hostname (as the
> client), I think we'll also need some input from DNSOP.

Fair point.

> 
> That context also helps me to see other things that might naturally fit
> here, such as the list of supported HTTP versions (i.e. ALPN values), to
> populate the HTTPS records correctly.

Good point - I only publish very bare-bones HTTPS RRs for my
test servers, so didn't include that, but will. I created an
issue for that. [1]

Cheers,
S.

[1] https://github.com/sftcd/wkesni/issues/1


> 
> On Mon, Feb 21, 2022 at 8:39 PM Stephen Farrell <stephen.farrell@cs.tcd.ie>
> wrote:
> 
>>
>> Hiya,
>>
>> TL;DR: I'm hoping to get feedback from httpbis folks
>> related to draft-farrell-tls-wkesni [1].
>>
>> The TLS WG is well down the (long;-) road developing the
>> encrypted client hello (ECH) spec. [2] I implemented [3]
>> that and as part of that, to support rotating ECH keys, I
>> needed to implement a way to get newly generated keys into
>> the DNS, within HTTPS RRs (or SVCB RRs) according to [4].
>> So I implemented [1] which allows a web server to make it's
>> current set(s) of ECH keys available to DNS infrastructure
>> via a .well-known URL. (In my case the web server has no
>> dynamic DNS API, hence the need for something more.)
>> This leaves control of the ECH private values with the
>> web server (admins), which seems desirable in many cases,
>> and control over modifying zone files to DNS admins which
>> also seems desirable.
>>
>> This was briefly discussed at a few TLS WG sessions, but
>> hasn't yet been "adopted." In part, that's because it's
>> not clear whether or not this is a sufficiently useful
>> way to handle the task, nor whether some web server
>> administrators might be more interested in other tooling
>> that might include this kind of feature.
>>
>> So, I'd appreciate feedback as to whether this seems like
>> a useful tool to be in the toolbox or whether something
>> else might be more useful, in particular for web server
>> admins who don't have a dynamic DNS API available and for
>> implementers developing web servers that need to support
>> such deployments.
>>
>> Thanks,
>> Stephen.
>>
>> [1] https://datatracker.ietf.org/doc/draft-farrell-tls-wkesni/

>> [2] https://datatracker.ietf.org/doc/draft-ietf-tls-esni/

>> [3] https://defo.ie/

>> [4] https://datatracker.ietf.org/doc/draft-ietf-dnsop-svcb-https/

>>
>

Attachments

application/pgp-keys attachment: OpenPGP public key

Received on Tuesday, 22 February 2022 17:14:13 UTC