Sorry I am still confused. The client knows the gateway but how does the gateway know to open the TCP connection to the relay the client wants? And if we're advertising the relay as well then what's the point of OHAI? The security properties depend on an administrative separation that means the client has to pick. That said I can think of applications like CDN providing anti-DDOS protection where the server can be firewalled off from all but outgoing connections, so this whole conversation is irrelevant (but might inspire more paragraphs in the eventual intro) On Thu, Jul 13, 2023, 4:27 AM K Tirumaleswar Reddy (Nokia) < k.tirumaleswar_reddy@nokia.com> wrote: > One of the use cases is to host a DNS over Oblivious HTTP server (DoOH) > without being publicly accessible but allows the clients to access the DoOH > server via a trusted relay. The DoOH server and associated gateway can be > discovered by the client using > https://datatracker.ietf.org/doc/draft-ietf-ohai-svcb-config/. > > Cheers, > -Tiru > > -----Original Message----- > From: Watson Ladd <watsonbladd@gmail.com> > Sent: Wednesday, July 12, 2023 4:31 AM > To: Benjamin Schwartz <ietf@bemasc.net> > Cc: ietf-http-wg@w3.org > Subject: Re: New draft: Reverse HTTP Transport > > > CAUTION: This is an external email. Please be very careful when clicking > links or opening attachments. See the URL nok.it/ext for additional > information. > > > > Could you say more about the usecase? I looked over the doc briefly, but > am still confused. > > Sincerely, > Watson > > -- > Astra mortemque praestare gradatim > >
Received on Thursday, 13 July 2023 15:21:02 UTC