Re: [quicwg/base-drafts] SNI encryption (#795)
Juha-Matti Tilli <notifications@github.com> Mon, 18 June 2018 11:45 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/quic-issues/pHw_5OnRoKiuK_vh1YtIT0QRfVI>
I hope people here realize that this proposal of encrypting the SNI will make multiplexing connections on a NAT middlebox (see Issue #1456) practically impossible. The IPv4 address exhaustion is a reality, and IPv6 adoption will probably be much slower than QUIC adoption, so QUIC should not contribute to the IPv4 address shortage problem by encrypting the only piece of information about the server (i.e. the DNS name) in addition to the IPv4 address. In contrast, if SNI remains unencrypted, a NAT middlebox can share an IPv4 address for multiple servers and choose the correct server based on the SNI.
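Added example, not part of the original message or of the QUIC drafts: a sketch of the SNI-based backend selection the message describes, showing that a middlebox has nothing to route on once the ClientHello carries no cleartext server_name. It assumes the ClientHello handshake bytes have already been recovered from the transport; the `BACKENDS` table, the host names and the helper names are hypothetical.

```python
import struct

# Hypothetical routing table (constructed names and private addresses).
BACKENDS = {"a.example": ("10.0.0.10", 443), "b.example": ("10.0.0.11", 443)}

def extract_sni(hello: bytes):
    """Return the cleartext host_name from a TLS ClientHello message, or None."""
    try:
        if hello[0] != 0x01:                                 # not client_hello
            return None
        pos = 4 + 2 + 32                  # handshake header, legacy_version, random
        pos += 1 + hello[pos]                                # legacy_session_id
        pos += 2 + struct.unpack_from("!H", hello, pos)[0]   # cipher_suites
        pos += 1 + hello[pos]                                # compression_methods
        end = pos + 2 + struct.unpack_from("!H", hello, pos)[0]
        pos += 2
        while pos + 4 <= min(end, len(hello)):
            ext_type, ext_len = struct.unpack_from("!HH", hello, pos)
            pos += 4
            if ext_type == 0:                                # server_name
                # Layout: list length (2), name_type (1), name length (2), name.
                name_type = hello[pos + 2]
                name_len = struct.unpack_from("!H", hello, pos + 3)[0]
                name = hello[pos + 5 : pos + 5 + name_len]
                if name_type != 0 or 5 + name_len > ext_len or len(name) != name_len:
                    return None                              # malformed or truncated
                return name.decode("ascii").lower()
            pos += ext_len                                   # skip other extensions
    except (IndexError, struct.error, UnicodeDecodeError):
        return None
    return None

def build_client_hello(server_name=None):
    """Constructed sample input: a minimal ClientHello, with or without SNI."""
    exts = struct.pack("!HH", 43, 3) + b"\x02\x03\x04"       # supported_versions
    if server_name is not None:
        host = server_name.encode("ascii")
        entry = b"\x00" + struct.pack("!H", len(host)) + host
        data = struct.pack("!H", len(entry)) + entry
        exts += struct.pack("!HH", 0, len(data)) + data
    body = (b"\x03\x03" + bytes(32) + b"\x00" + b"\x00\x02\x13\x01" + b"\x01\x00"
            + struct.pack("!H", len(exts)) + exts)
    return b"\x01" + len(body).to_bytes(3, "big") + body

def route(hello: bytes):
    """Backend for this ClientHello; None means the name is not visible or unknown."""
    return BACKENDS.get(extract_sni(hello))
```
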