Re: Shared Dictionaries (SDCH and friends)

Martin Thomson <> Fri, 20 January 2017 04:11 UTC

Cc: HTTP Working Group <>

Hey Chaals,

In case you missed the suggestion at the last meeting from Vlad, he
suggested that this only be offered for use with fetches with a
credentials-mode (See of
"omit".  That is, don't make it possible for the server to use ambient
authority (including cookies) to customize the request.  I don't think
that completely removes the concern, but it helps.

I don't think that having tools for separating "possibly under
attacker influence" and "secret" is going to solve the issue.  That's
already possible with existing compression techniques; the concern is
over the usability of those tools and the ability to correctly
identify data as belonging to each category.

On 20 January 2017 at 16:48,  <> wrote:
> Additionally, since this is a new powerful feature, there is no reason not to restrict it to secure connections.

FWIW, the security concerns ONLY apply to secure connections, so you
needn't worry about this bit.  If you are going to spray your secrets
all over the internet, traffic analysis isn't really your most
pressing concern.
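
The second paragraph's point about separating "possibly under attacker influence" data from "secret" data, as an added example that is not part of the original message: it measures how the compressed size of a response changes with reflected input when everything shares one compression context, when each category gets its own context, and when the secret is filed under the wrong category. All values, labels and function names are constructed for illustration.

```python
import zlib

# Constructed sample values, not taken from the thread.
SECRET = b"session=7f3a9c2e41d8b650"
RIGHT_GUESS = b"session=7f3a9c2e41d8b650"   # reflected input equal to the secret
WRONG_GUESS = b"session=056b8d14e2c9a3f7"   # same bytes in a different order, so
                                            # it compresses identically on its own


def joint_size(parts):
    """One compression context for everything: total bytes on the wire."""
    return len(zlib.compress(b"\n".join(data for _, data in parts), 9))


def split_size(parts):
    """One context per label, so no back-reference crosses a label boundary."""
    by_label = {}
    for label, data in parts:
        by_label.setdefault(label, []).append(data)
    return sum(len(zlib.compress(b"\n".join(v), 9)) for v in by_label.values())


def length_gap(size_fn, secret_label):
    """Wire-size difference between a wrong and a right reflected guess."""
    def body(guess):
        return [(secret_label, b"Set-Cookie: " + SECRET),
                ("reflected", b"q=" + guess)]
    return size_fn(body(WRONG_GUESS)) - size_fn(body(RIGHT_GUESS))


def report():
    return {
        # Secret and reflected data compressed together: size depends on the guess.
        "joint": length_gap(joint_size, "secret"),
        # Correctly labelled and compressed apart: size no longer depends on it.
        "split": length_gap(split_size, "secret"),
        # Labelling mistake: the secret is filed with the reflected data.
        "mislabelled": length_gap(split_size, "reflected"),
    }


if __name__ == "__main__":
    for name, gap in report().items():
        print(f"{name:12s} gap = {gap} bytes")
```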