IETF Last Call Review of draft-ietf-tls-svcb-ech-07
review-ietf-tls-svcb-ech-07-opsdir-lc-dunbar-2025-04-09-00
| Request | Review of | draft-ietf-tls-svcb-ech |
|---|---|---|
| Requested revision | No specific revision (document currently at 07) | |
| Type | IETF Last Call Review | |
| Team | Ops Directorate (opsdir) | |
| Deadline | 2025-03-27 | |
| Requested | 2025-03-12 | |
| Requested by | Mohamed Boucadair | |
| Authors | Benjamin M. Schwartz , Mike Bishop , Erik Nygren | |
| I-D last updated | 2025-03-28 (Latest revision 2025-02-12) | |
| Completed reviews |
Dnsdir Early review of -01
by Ted Lemon
(diff)
Artart IETF Last Call review of -06 by Barry Leiba (diff) Genart IETF Last Call review of -06 by Lucas Pardue (diff) Dnsdir IETF Last Call review of -06 by James Gannon (diff) Dnsdir IETF Last Call review of -07 by Matt Brown Opsdir IETF Last Call review of -07 by Linda Dunbar |
|
| Assignment | Reviewer | Linda Dunbar |
| State | Completed | |
| Request | IETF Last Call review on draft-ietf-tls-svcb-ech by Ops Directorate Assigned | |
| Posted at | https://mailarchive.ietf.org/arch/msg/ops-dir/xKaSTIqSPI1waT-8beS4JkddiOM | |
| Reviewed revision | 07 | |
| Result | Not ready | |
| Completed | 2025-04-09 |
review-ietf-tls-svcb-ech-07-opsdir-lc-dunbar-2025-04-09-00
I have reviewed this document as part of the Ops area directorate's ongoing effort to review all IETF documents being processed by the IESG. These comments were written primarily for the benefit of the Ops area directors. Document editors and WG chairs should treat these comments just like any other last-call comments. The draft introduces valuable privacy enhancements but also raises several deployment challenges. Mixed SVCB RRSets with and without the “ech” parameter are vulnerable to downgrade attacks, yet may occur in multi-provider environments or during staged rollouts. Clear operational guidance is needed to mitigate these risks, such as prioritizing ECH-capable endpoints using SvcPriority. Deployments involving CDNs or multi-CDN setups add complexity around coordination of ECH keys and consistent DNS records, and would benefit from best practice recommendations. Additionally, diagnosing ECH failures can be difficult due to the lack of fallback and visibility. The draft should recommend logging and monitoring strategies to help operators detect misconfigurations. Key rotation, TTL management, and rollback procedures are also important but not addressed. The draft should add an “Operational Considerations” section summarizing these aspects to improve deployability and manageability. Best Regards, Linda Dunbar