From 9fe200f87c40dc5b857a0acff7a1eb38ab2ade55 Mon Sep 17 00:00:00 2001 From: Martin Thomson Date: Mon, 18 Nov 2024 10:41:19 +1100 Subject: [PATCH] Fix typo --- draft-ietf-tls-esni.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/draft-ietf-tls-esni.md b/draft-ietf-tls-esni.md index 4e7a36c8..f2d326a5 100644 --- a/draft-ietf-tls-esni.md +++ b/draft-ietf-tls-esni.md @@ -1402,7 +1402,7 @@ situation significantly worse. Clearly, DNSSEC (if the client validates and hard fails) is a defense against this form of attack, but encrypted DNS transport is also a -defenses against DNS attacks by attackers on the local network, which +defense against DNS attacks by attackers on the local network, which is a common case where ClientHello and SNI encryption are desired. Moreover, as noted in the introduction, SNI encryption is less useful without encryption of DNS queries in transit mechanisms.