RFC 8744 on Issues and Requirements for Server Name Identification (SNI) Encryption in TLS
rfc-editor@rfc-editor.org Tue, 28 July 2020 21:57 UTC
Return-Path: <wwwrun@rfc-editor.org>
X-Original-To: ietf-announce@ietfa.amsl.com
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 6A6C53A0A56; Tue, 28 Jul 2020 14:57:41 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id SKhTWeNtqsQY; Tue, 28 Jul 2020 14:57:38 -0700 (PDT)
Received: from rfc-editor.org (rfc-editor.org [4.31.198.49]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A8E483A09AF; Tue, 28 Jul 2020 14:57:38 -0700 (PDT)
Received: by rfc-editor.org (Postfix, from userid 30) id 2C3B6F40727; Tue, 28 Jul 2020 14:57:13 -0700 (PDT)
To: ietf-announce@ietf.org, rfc-dist@rfc-editor.org
Subject: RFC 8744 on Issues and Requirements for Server Name Identification (SNI) Encryption in TLS
X-PHP-Originating-Script: 1005:ams_util_lib.php
From: rfc-editor@rfc-editor.org
Cc: rfc-editor@rfc-editor.org, drafts-update-ref@iana.org, tls@ietf.org
Content-type: text/plain; charset="UTF-8"
Message-Id: <20200728215713.2C3B6F40727@rfc-editor.org>
Date: Tue, 28 Jul 2020 14:57:13 -0700
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-announce/3pOLE2WkDoLGkxP9isfqrflk_yc>
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-announce/>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Jul 2020 21:57:47 -0000
A new Request for Comments is now available in online RFC libraries.
RFC 8744
Title: Issues and Requirements for Server
Name Identification (SNI) Encryption in TLS
Author: C. Huitema
Status: Informational
Stream: IETF
Date: July 2020
Mailbox: huitema@huitema.net
Pages: 13
Updates/Obsoletes/SeeAlso: None
I-D Tag: draft-ietf-tls-sni-encryption-09.txt
URL: https://www.rfc-editor.org/info/rfc8744
DOI: 10.17487/RFC8744
This document describes the general problem of encrypting the Server
Name Identification (SNI) TLS parameter. The proposed solutions hide
a hidden service behind a fronting service, only disclosing the SNI
of the fronting service to external observers. This document lists
known attacks against SNI encryption, discusses the current "HTTP
co-tenancy" solution, and presents requirements for future TLS-layer
solutions.
In practice, it may well be that no solution can meet every
requirement and that practical solutions will have to make some
compromises.
This document is a product of the Transport Layer Security Working Group of the IETF.
INFORMATIONAL: This memo provides information for the Internet community.
It does not specify an Internet standard of any kind. Distribution of
this memo is unlimited.
This announcement is sent to the IETF-Announce and rfc-dist lists.
To subscribe or unsubscribe, see
https://www.ietf.org/mailman/listinfo/ietf-announce
https://mailman.rfc-editor.org/mailman/listinfo/rfc-dist
For searching the RFC series, see https://www.rfc-editor.org/search
For downloading RFCs, see https://www.rfc-editor.org/retrieve/bulk
Requests for special distribution should be addressed to either the
author of the RFC in question, or to rfc-editor@rfc-editor.org. Unless
specifically noted otherwise on the RFC itself, all RFCs are for
unlimited distribution.
The RFC Editor Team
Association Management Solutions, LLC