Clients and proxies create independent TLS connections to the upstream node in the OHTTP chain. This raises some interesting questions:
What if the trust stores between client and proxy are disjoint?
What if the proxy completely disables server authentication in its connection to the target?
The ODoH model does not assume a secure connection between proxy and target, so I don't think this has an effect on the security properties of OHTTP. That said, it may be worth noting explicitly, if we don't already do so.
Yeah, the same applies here. We rely on the proxy not leaking certain information, but that does not necessarily extend to a reliance on TLS for that hop. Worth noting.
Clients and proxies create independent TLS connections to the upstream node in the OHTTP chain. This raises some interesting questions:
The ODoH model does not assume a secure connection between proxy and target, so I don't think this has an effect on the security properties of OHTTP. That said, it may be worth noting explicitly, if we don't already do so.