[TLS] Tonight's Encrypted SNI Hangout Session
Bret Jordan <jordan.ietf@gmail.com> Mon, 13 November 2017 13:28 UTC
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/BArXwayBFZ4qobvhqJ9Cj7nqfmQ>
All,

We had a great turnout tonight for the encrypted SNI hangout session. Everyone seemed open and willing to work together to understand the complexities that sit before us. Several interesting and important views were expressed, and I feel that the meeting was ultimately a success. In fact, I believe we should do more hangout sessions like this.

Takeaways from the meeting:

1) We are starting to understand the problem that we are trying to solve

2) We need to ensure that any potential solution will in fact solve the problems as we understand them and not make the problem worse

3) We need to compile a list of use cases and scenarios in a draft document that talk about how the SNI (for good or for bad) is being used today and what an encrypted SNI will mean for these use cases.

4) We need to make sure we get feedback and information from at least the telco sector, large enterprise, financial sector, and the health care sector.

I believe this information will help us better understand both sides of the issue, shed light into what it will mean, help us define the "why" we are doing this, and ultimately feed and foster a better technological solution.

If you have or know of scenarios or use-cases where the SNI is being used by network operators, system administrators, security engineers, products, etc., please send them to me so I can start compiling them into a draft document.

Side question, it feels like this effort could represent a lot of work and require a lot of dedicated cycles. Does it make sense to continue this effort inside of the TLS WG? If it does, will the WG give us the time, mindshare, and cycles to focus on it (just asking the hard question)?

Once again, thanks all for attending the session tonight.

Bret

--
Sent from my TI-99/4A
PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050