Maybe this can be mitigated with proper scoping and expiration of these DNS entries. But we're still a ways off from a proper, widely-supported DNS update protocol.
@wolf480pl my reading of the RFC would suggest that it's the same key, yeah...
@emersion I skimmed through the ECH RFC but haven't found anything saying that, so I'd be grateful for pointers to the part where it's written.
@wolf480pl Eh, no, you're right, sounds like it could be different.
@emersion are you sure the ECH public key is the same as the TLS certificate?
I'd expect it to be a separate thing, which you can rotate separately if you want, but I haven't yet seen evidence in either direction...