Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

More explanatory text.. Fixes #587. Fixes #591 #602

Merged
merged 2 commits into from
Feb 25, 2024
Merged

More explanatory text.. Fixes #587. Fixes #591 #602

merged 2 commits into from
Feb 25, 2024

Conversation

ekr
Copy link
Collaborator

@ekr ekr commented Feb 17, 2024

Rewrite the overview section to be a bit clearer and clarified the misconfiguration pieces.

  • Added more narrative text around the topologies.
  • Moved much of misconfiguration piece up to overview so people have some signposting.
  • Expanded the misconfiguration pieces a bit.

@ekr ekr requested a review from chris-wood as a code owner February 17, 2024 18:12
@ekr ekr requested review from davidben and removed request for chris-wood February 17, 2024 18:12
@ekr
Copy link
Collaborator Author

ekr commented Feb 17, 2024

@dennisjackson @martinthomson

This was referenced Feb 17, 2024
Closed
Closed
wbl
wbl reviewed Feb 18, 2024
View reviewed changes
draft-ietf-tls-esni.md Outdated
DNS results, if one is provided.


Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks spurious

sftcd
sftcd reviewed Feb 18, 2024
View reviewed changes
draft-ietf-tls-esni.md
key not known to the server.

* The server has ECH configured but the client has a ECH configuration
and so is attempting ECH.
Copy link
Collaborator

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Missing a negative in 2nd bullet above?

@sftcd
Copy link
Collaborator

sftcd commented Feb 18, 2024

other than the above, this change seems fine

martinthomson
martinthomson approved these changes Feb 19, 2024
View reviewed changes
Copy link
Contributor

@martinthomson martinthomson left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Any point saying that:

This makes availability of a certificate for the public name - and its associated private key - a critical component for server deployment of ECH. This certificate is used both to recover from transient misconfiguration problems and to disable ECH in the event that a server cannot continue to support the capability.

draft-ietf-tls-esni.md Outdated
Comment on lines 264 to 265
* The server has ECH configured but the client has a ECH configuration
and so is attempting ECH.
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
* The server has ECH configured but the client has a ECH configuration
and so is attempting ECH.
* The server does not have ECH configured but the client has a ECH configuration
and so is attempting ECH.

ekr
ekr commented Feb 25, 2024
View reviewed changes
ekr
ekr commented Feb 25, 2024
View reviewed changes
@ekr ekr merged commit 4053b38 into tlswg:overview_expansion Feb 25, 2024
1 check failed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@wbl wbl wbl left review comments

@sftcd sftcd sftcd left review comments

@martinthomson martinthomson martinthomson approved these changes

@davidben davidben Awaiting requested review from davidben

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@ekr @sftcd @martinthomson @wbl