Last Call Review of draft-ietf-tls-esni-24
review-ietf-tls-esni-24-opsdir-lc-fioccola-2025-03-25-00

Request Review of draft-ietf-tls-esni
Requested revision No specific revision (document currently at 24)
Type IETF Last Call Review
Team Ops Directorate (opsdir)
Deadline 2025-03-27
Requested 2025-03-12
Requested by Mohamed Boucadair
Authors Eric Rescorla, Kazuho Oku, Nick Sullivan, Christopher A. Wood
I-D last updated 2025-03-23 (Latest revision 2025-03-20)
Completed reviews Dnsdir IETF Last Call review of -23 by R. (Miek) Gieben (diff)
Artart IETF Last Call review of -23 by Carsten Bormann (diff)
Secdir IETF Last Call review of -23 by Adam W. Montville (diff)
Tsvart IETF Last Call review of -23 by Tommy Pauly (diff)
Genart IETF Last Call review of -23 by Stewart Bryant (diff)
Opsdir IETF Last Call review of -24 by Giuseppe Fioccola
Dnsdir Telechat review of -24 by R. (Miek) Gieben
Intdir Telechat review of -24 by Tommy Pauly
Comments
Comments about operational implications/considerations + management are specifically welcome. Thank you
Assignment Reviewer Giuseppe Fioccola
State Completed
Request IETF Last Call review on draft-ietf-tls-esni by Ops Directorate Assigned
Posted at https://mailarchive.ietf.org/arch/msg/ops-dir/I1VhClZqtjF1QYjH6rGVVCZ66y4
Reviewed revision 24
Result Ready
Completed 2025-03-25
review-ietf-tls-esni-24-opsdir-lc-fioccola-2025-03-25-00
The document defines a new TLS extension, called Encrypted Client Hello (ECH),
for encrypting a ClientHello message under a server public key. I think that it
is clear and well-written.

This extension is supported in TLS 1.3 (RFC 8446), DTLS 1.3 (RFC 9147) and
newer versions. It is intended to work with various transport protocols (TCP,
UDP, QUIC), by improving their security and privacy.

From an OPSDIR point of view, section 8 on Deployment Considerations is quite
relevant since ECH requires changes to client, client-facing server, and
backend server. In this regard, compatibility issues and deployment impacts are
reported. Some considerations about the implementation choices are also
mentioned in the text.