IETF Logo Mail Archive

[TLS] Open issues for draft-ietf-tls-esni

Christopher Patton <cpatton@cloudflare.com> Thu, 13 August 2020 21:41 UTC

Return-Path: <cpatton@cloudflare.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A32FF3A080A for <tls@ietfa.amsl.com>; Thu, 13 Aug 2020 14:41:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cloudflare.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id zhyBW7nTiPBN for <tls@ietfa.amsl.com>; Thu, 13 Aug 2020 14:41:55 -0700 (PDT)
Received: from mail-qt1-x832.google.com (mail-qt1-x832.google.com [IPv6:2607:f8b0:4864:20::832]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 282B83A0807 for <tls@ietf.org>; Thu, 13 Aug 2020 14:41:55 -0700 (PDT)
Received: by mail-qt1-x832.google.com with SMTP id t23so5586545qto.3 for <tls@ietf.org>; Thu, 13 Aug 2020 14:41:55 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cloudflare.com; s=google; h=mime-version:from:date:message-id:subject:to; bh=YcG+iFn6fBXpZvwMtRCshiMhHq+HTgKMgR6wivCNcWM=; b=nqm1AO8UUXU/4e9c5XLQwvjRwKqidIvuf/EFJSmPQRHf5kyO3VBV1Kjitv1guAcsle CfdLicYgsWNr5NWErHT+m/ZnLqFGBJDdiJrmFYzQv6uAfeT9O1aEXeVTH56TAIorpdRw /inWUDuUpsdwudRzVuQ54XQLW01t+WCB93ZMY=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=YcG+iFn6fBXpZvwMtRCshiMhHq+HTgKMgR6wivCNcWM=; b=VqzGLKDvt4EpTVHp5lT6GUc21VaS6DfS/bTKtVMVHZ0ufjghZpxiFM2xjPKOpRUIg2 xWoZiXtEv6W1p3V4UnEt7WiGVS3l+kjNZWAz4NFLTAz7P7LIKWRGqVi5N/9/qYOLvqQ1 e1FHXnEtE/uhMx1df2CcB32dRHnCxvX5gCL2+8ZbR5q/4jZsWC/q1EmLdQQpmmoOh6Y8 ljbfaroPiisRlZMBrNhfj4Z0RtMi+T7EFo4EjgPQ/AQCq+9Vs39LCFsNj33hfkxXd0v/ Dx3AW4whXAe37pqM2pmaXFwQXkooHXrcfRlbfZzUSjQ1vUe53clDyfhaStUK0DE0TrrD VxPQ==
X-Gm-Message-State: AOAM532HyJZw+ZltQpsAzgP5dMau9dRbWfXfGhEDcONW+/c4bOsvCHNW H6NHkMfXpsrqPKkAImcIwqPpm4l1hC/J5FgWxvdgGgrb/GvBBQ==
X-Google-Smtp-Source: ABdhPJw2tmVn7RIfne5KQxdunb7srlWeL/FhmsGc1qzTWxDvTm4RZWTg0XhgR0tJunW+P+q47cDMQoddCRVx8VeGM5A=
X-Received: by 2002:ac8:2a6f:: with SMTP id l44mr7461279qtl.278.1597354914034; Thu, 13 Aug 2020 14:41:54 -0700 (PDT)
MIME-Version: 1.0
From: Christopher Patton <cpatton@cloudflare.com>
Date: Thu, 13 Aug 2020 14:41:43 -0700
Message-ID: <CAG2Zi20Lr0J6QLLW=VpeFJSoHbEPLfgUX1n-m009ycGjUcg5XA@mail.gmail.com>
To: "<tls@ietf.org>" <tls@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000003b5e6105acc92ced"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/7l__X6RFgieFlJDQXBGLrxUgWpY>
Subject: [TLS] Open issues for draft-ietf-tls-esni
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Aug 2020 21:41:57 -0000

Hi list,

Some of you might have noticed a barrage of issues filed recently against
draft-ietf-tls-esni on GitHub. These are all relatively minor, but
resolving some of them may require changes for the next draft, so I wanted
to summarize them here. These were flagged while Chris Wood and I were
working through some editorial changes.

Links to the issues are given below, including a brief description. We'd
welcome any feedback you might have on these.

Thanks,
Chris P.


https://github.com/tlswg/draft-ietf-tls-esni/issues/261: The spec assumes
that HPKE uses an HKDF cipher suite.

https://github.com/tlswg/draft-ietf-tls-esni/issues/262: Possible bug in
"outer_extensions" extension logic.

https://github.com/tlswg/draft-ietf-tls-esni/issues/263: Role of the hash
in "outer_extensions" is unclear.

https://github.com/tlswg/draft-ietf-tls-esni/issues/265: Question about
"outer_extensions" usage guidance.

https://github.com/tlswg/draft-ietf-tls-esni/issues/266: Security
considerations around SNI leakage.

https://github.com/tlswg/draft-ietf-tls-esni/issues/267: "ech_accept" is
undefined.

v2.23.0 | Report a Bug | By Email