Skip to main content

Service Binding and Parameter Specification via the DNS (SVCB and HTTPS Resource Records)
draft-ietf-dnsop-svcb-https-12

Yes

Erik Kline
Paul Wouters

No Objection

Jim Guichard
John Scudder
Murray Kucherawy
(Andrew Alston)
(Lars Eggert)
(Martin Duke)
(Robert Wilton)

Note: This ballot was opened for revision 12 and is now closed.

Erik Kline
Yes
Paul Wouters
Yes
Warren Kumari
Yes
Comment (2023-04-07) Sent
This is the second ballot, diff from the previously approved version: https://author-tools.ietf.org/iddiff?url1=draft-ietf-dnsop-svcb-https-11&url2=draft-ietf-dnsop-svcb-https-12&difftype=--html

Please see the ballot text for reasons.
Jim Guichard
No Objection
John Scudder
No Objection
Murray Kucherawy
No Objection
Roman Danyliw
No Objection
Comment (2023-04-12) Not sent
Thanks to Kyle Rose for the security feedback in the TSVART review.

This is my second IESG review on this document.  Thank you for addressing my COMMENT feedback from the first IESG review.  I have nothing new to add during this second review.
Zaheduzzaman Sarker
No Objection
Comment (2023-04-12) Not sent
Thanks for working on the updates, I didn't find any transport related issues in this specification.
Éric Vyncke
No Objection
Comment (2023-04-09) Sent
Thank you for the work put into this document and for redoing it with ECH. Important piece of work as it is related to some ADD documents as well. 

Please find below some non-blocking COMMENT points (but replies would be appreciated even if only for my own education), and some nits.

Special thanks to Tim Wicinski for the shepherd's write-up including the detailed section about the WG consensus even if I regret the absence of intended status justification. 

I hope that this helps to improve the document,

Regards,

-éric

COMMENTS

Slight regret that some of my -08 comments were not addressed (e.g., expanding HSTS) even if most of them were indeed addressed.

I also wonder about the amount of ECH-related content in this revised I-D while the whole goal of the exercise was to disconnect from ECH. E.g., in section 1.1 there is a *new* " Enable the conveyance of Encrypted ClientHello [ECH] keys associated with an alternative endpoint."

BTW, I like the addition of DNS64 in the document.
Andrew Alston Former IESG member
No Objection
No Objection () Not sent

                            
Lars Eggert Former IESG member
No Objection
No Objection () Not sent

                            
Martin Duke Former IESG member
No Objection
No Objection () Not sent

                            
Robert Wilton Former IESG member
No Objection
No Objection () Not sent