IETF Logo Mail Archive

Re: [TLS] ESNI robustness and GREASE PRs - client tracking concerns?

Viktor Dukhovni <ietf-dane@dukhovni.org> Tue, 18 December 2018 07:27 UTC

Return-Path: <ietf-dane@dukhovni.org>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 8B0181310BE for <tls@ietfa.amsl.com>; Mon, 17 Dec 2018 23:27:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.201
X-Spam-Level:
X-Spam-Status: No, score=-4.201 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7DDR_Pan9Xz6 for <tls@ietfa.amsl.com>; Mon, 17 Dec 2018 23:27:29 -0800 (PST)
Received: from straasha.imrryr.org (straasha.imrryr.org [100.2.39.101]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0992C1310BC for <tls@ietf.org>; Mon, 17 Dec 2018 23:27:29 -0800 (PST)
Received: by straasha.imrryr.org (Postfix, from userid 1001) id 549C515B4F; Tue, 18 Dec 2018 02:27:27 -0500 (EST)
Date: Tue, 18 Dec 2018 02:27:27 -0500
From: Viktor Dukhovni <ietf-dane@dukhovni.org>
To: tls@ietf.org
Message-ID: <20181218072727.GT79754@straasha.imrryr.org>
Reply-To: tls@ietf.org
References: <CAF8qwaAh-eCLOR3YX3KoVWPe8=uquO+9wwbiSYpOyxvizBSeEg@mail.gmail.com> <20181218044251.bk7em26vvvcamq24@bamsoftware.com> <CAF8qwaA0UZrKA_Vn0hLan9Tb498PKq5roXpLEq2+7dU80qjjFg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CAF8qwaA0UZrKA_Vn0hLan9Tb498PKq5roXpLEq2+7dU80qjjFg@mail.gmail.com>
User-Agent: Mutt/1.10.1 (2018-07-13)
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/3oCgiBVuKC84LefPu6l8NnX9fTc>
Subject: Re: [TLS] ESNI robustness and GREASE PRs - client tracking concerns?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Dec 2018 07:27:30 -0000

On Tue, Dec 18, 2018 at 12:45:22AM -0600, David Benjamin wrote:

> An earlier iteration even placed the retry on the same connection, which
> makes the analog clearer.  (Doing it in the same connection is rather a
> mess, so we bounce to a new one.)

Any concern about the possibility that the reason the key did not
work was that the particular server had unexpected keys, but
reconnecting might land on a different server, with yet another set
of keys?  (Which is to say that I am concerned, but perhaps you're
not?).

Also connection re-establishment has considerable cost, additional
TCP roundtrips on top of the extra TLS roundtrips.

Is the HRR idea being explored in the parallel thread not viable?
[ That'd be fine by me, one less thing to worry about, but it did
seem worth exploring at first blush...  The suggestion of using it
as a fallback when there are either no keys in DNS, or they don't
work also seems like it could be viable. ]


-- 
	Viktor.

v2.23.0 | Report a Bug | By Email