Skip to main content

Bootstrapping TLS Encrypted ClientHello with DNS Service Bindings

Document Type Replaced Internet-Draft (tls WG)
Expired & archived
Authors Benjamin M. Schwartz , Mike Bishop , Erik Nygren
Last updated 2023-09-12 (Latest revision 2023-03-11)
Replaced by draft-ietf-tls-svcb-ech
RFC stream Internet Engineering Task Force (IETF)
Intended RFC status (None)
Additional resources Mailing list discussion
Stream WG state Adopted by a WG
Document shepherd (None)
IESG IESG state Replaced by draft-ietf-tls-svcb-ech
Consensus boilerplate Unknown
Telechat date (None)
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft is available in these formats:


To use TLS Encrypted ClientHello (ECH) the client needs to learn the ECH configuration for a server before it attempts a connection to the server. This specification provides a mechanism for conveying the ECH configuration information via DNS, using a SVCB or HTTPS record.


Benjamin M. Schwartz
Mike Bishop
Erik Nygren

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)