Re: [Masque] MASQUE detection through tracking trackers

Töma Gavrichenkov <ximaera@gmail.com> Tue, 05 November 2019 20:22 UTC

Return-Path: <ximaera@gmail.com>
X-Original-To: masque@ietfa.amsl.com
Delivered-To: masque@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 42938120B7F for <masque@ietfa.amsl.com>; Tue, 5 Nov 2019 12:22:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.998
X-Spam-Level:
X-Spam-Status: No, score=-1.998 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rOkeft6Kx-5N for <masque@ietfa.amsl.com>; Tue, 5 Nov 2019 12:22:48 -0800 (PST)
Received: from mail-yb1-xb2d.google.com (mail-yb1-xb2d.google.com [IPv6:2607:f8b0:4864:20::b2d]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 828A6120B73 for <masque@ietf.org>; Tue, 5 Nov 2019 12:22:48 -0800 (PST)
Received: by mail-yb1-xb2d.google.com with SMTP id 4so9935700ybq.9 for <masque@ietf.org>; Tue, 05 Nov 2019 12:22:48 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=A2OXiwmtHW9Lqub6Tdfpq6fwbKg0GzWxS4J99iCyzhk=; b=cYqerlAtT/hyEEEp2BsDiwrdd5HDBm7b7guJP+zJw6qViTlSmibrSL6JkLi1NpoaOU T+5DPVRvmWJvohqstDLowyfAhe5TpDK3v1dg7WKp+gaWGcGran8CcOmx3QiotnJWh06V vS3CpazUY1pbvpRakM2mKLzkX28XnCj5HBAvDTzau7HB6vswx2ag85me9Vd/9CgCp+xa 8wsFZE7stFP05jo9KnZXOcVSPjQexc2ULQMhZWtIlbQdBva1ieGltxB/b9SoI8ul7D1i SXIPZfg2VLYQYu6UnzchvqcxQ8Einjc7AkhUNgZ/OA6xxRh7K1oQSB3JFaWOk6j+m1mz 1HNg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=A2OXiwmtHW9Lqub6Tdfpq6fwbKg0GzWxS4J99iCyzhk=; b=TqoMKS1ze3kOrfyDGaWjrVv8BZHXIBozGOFoALb0/DXUgs/IWoop37wqylVD2pZeVD ZajoUlIlUg8oBjrcW9ueJqIMPh6j/85fchu9LeZJyh/lq9QyQ8urrV4JdDkFMPEJpi5G KR+urJ6VZMD2Bg4IxUJBONk9hnEtHHPkVh6C08ZWfyZ3RrgLUizjB7F0UEt/8TlAWpwg cAZc6Q+R0i/v5qKiKiAAbdb9TusKkS4kZxbg2q/ugh4F99oHMdP6pFZoegGFxm7QBdZV LLp1DUV+S+JMbuG/1h8cVhSjzW8NVVd7ssF6TXp6oBtAe/bak5l4BvbvIqJYkIcsQONX G1HA==
X-Gm-Message-State: APjAAAVeWq8tH23H1vO3yS86SukF/x+9xLioIOXug6vvhJaEZ7r2+79m tOMCPZ7z+Lkh688AxG3ZAIeOwXwvmI1uY6sqDNk=
X-Google-Smtp-Source: APXvYqz9lZp8DZjaxtiuaGwRJR7+e5i/f4H9NBZEbmXGkQdFGZv3N5No7JGKKXdKt0u5hmmFIQECLInL4TUkZ62x5qQ=
X-Received: by 2002:a25:14d6:: with SMTP id 205mr27675509ybu.230.1572985367303; Tue, 05 Nov 2019 12:22:47 -0800 (PST)
MIME-Version: 1.0
References: <CALZ3u+Yd3wu3G2o-AJErNw6SSgU97F-osJfJhYaiuu5Sb9sF6g@mail.gmail.com> <CA+9kkMAbwCTfMb8Z-meqjuuqSGqR+E9OOe8EF1QpeTwAQj4ktA@mail.gmail.com> <CALZ3u+Y6tPDPW3MFnUsPjtZGwgm3t0CBu+BCy=jH-ty3ra6Sng@mail.gmail.com> <CA+9kkMBt-dQxaDgxCh_S7LWiYNMc94tTUNFo0KHhH6fhc34nuw@mail.gmail.com> <CALZ3u+YNd4SCvoyt9=+vcBVvBw=Ty9R-GFDCR-Nu_rF1WMqiYw@mail.gmail.com> <CACdeXiLWJbCfKY7UP5wtkhe0RXksWF3ZdFxTycPrG1TUMS_7dg@mail.gmail.com>
In-Reply-To: <CACdeXiLWJbCfKY7UP5wtkhe0RXksWF3ZdFxTycPrG1TUMS_7dg@mail.gmail.com>
From: =?UTF-8?Q?T=C3=B6ma_Gavrichenkov?= <ximaera@gmail.com>
Date: Tue, 5 Nov 2019 23:22:34 +0300
Message-ID: <CALZ3u+Yx+V_MhJA8XvWrFTtxu1ow2LAiDYby2Z88Z1mWVotvTQ@mail.gmail.com>
To: Nick Harper <nharper@google.com>
Cc: Ted Hardie <ted.ietf@gmail.com>, masque@ietf.org
Content-Type: multipart/alternative; boundary="0000000000000e1b9305969f3261"
Archived-At: <https://mailarchive.ietf.org/arch/msg/masque/GemAllMrMse8AvGzPV62QRR-wGQ>
Subject: Re: [Masque] MASQUE detection through tracking trackers
X-BeenThere: masque@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Multiplexed Application Substrate over QUIC Encryption <masque.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/masque>, <mailto:masque-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/masque/>
List-Post: <mailto:masque@ietf.org>
List-Help: <mailto:masque-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/masque>, <mailto:masque-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 05 Nov 2019 20:22:50 -0000

Peace,

On Tue, Nov 5, 2019, 10:32 PM Nick Harper <nharper@google.com>; wrote:

> Depending on the domain, a typical laptop or phone is configured to hard
> fail: TLS errors on domains that use HSTS (whether preloaded or sent via an
> HTTP header) are non bypassable.
>

In theory, there is no difference between theory and practice.  In practice
there is.  People know captive portals are invasive, but they accept the
risk.

Anyhow, this is not really relevant to the topic.  The access is blocked
anyway, you can just recall some Web site w/o HSTS to click through the
warning to figure out what is it that the network wants from you.  Maybe in
future versions they will implement RFC 7710.  I'm surprised, kind of, that
this is apparently the most interesting part of the message.

--
Töma

>