Re: [TLS] DNS-based Encrypted SNI

Eric Rescorla <> Tue, 03 July 2018 15:56 UTC

From: Eric Rescorla <>
Date: Tue, 03 Jul 2018 08:55:29 -0700
Message-ID: <>
To: Paul Wouters <>
Cc: "<>" <>

On Tue, Jul 3, 2018 at 8:40 AM, Paul Wouters <> wrote:

> On Mon, 2 Jul 2018, Eric Rescorla wrote:
>>       It is strongly recommended not to use TXT records. Why not use a new
>>       RRTYPE? Everything these days knows how to serve unknown record types
>>       (see RFC 3597). The only possible exception is provisioning tools of
>>       small players, but this document starts off saying you basically need
>>       to be on a bulk hosting provider anyway. They can properly provision.
>> See:
>> ecomment-388531906
> [Can we keep the discussion within the IETF and the Note Well please. We
>  also don't know what happens in 10 years with these links.]

If you look carefully, you'll see that this discussion happened weeks ago.
I was just pointing you at it because you asked why we did it the way we did.

With that said, IETF policy does not prohibit having discussions on Github.
We do it regularly in TLS and it's the standard policy in QUIC.

> quoting from that link:
>         These facts lead to the conclusion that if we choose RRtype as the
>         method, there would often be cases where the DNS record of the
>         and the TLS server would be required to be operated by different
>         entities.
> That seems to have confused two things with each other. I did not say
> anything about the location of the DNS record, only of the RRTYPE.
> Clearly, with the same location, it would be under control of the same
> entity, so I don't understand why you bring this up as a reason against
> using a dedicated RRTYPE.

I'm just quoting Kazuho here, so I'll let him respond to himself.
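The TXT-versus-dedicated-RRTYPE trade-off quoted in this thread, as an added example that is not part of the thread or of the ESNI draft: the RFC 3597 generic presentation syntax (`TYPEnnn \# <len> <hex>`) that lets provisioning tools carry an unknown record type, beside the base64-in-TXT alternative, which has to split the data into 255-octet character-strings. The type number and RDATA below are constructed placeholders.

```python
import base64
import binascii
import re

# Constructed placeholders: an opaque key blob of the kind an ESNI record
# would carry, and a type number from the private-use range (65280-65534).
SAMPLE_RDATA = bytes(range(0, 200)) * 2   # 400 octets, long enough to force TXT chunking
SAMPLE_RTYPE = 65280


def rfc3597_present(rtype: int, rdata: bytes) -> str:
    """Generic zone-file form from RFC 3597 section 5: TYPEnnn \\# <len> <hex>."""
    hexdata = rdata.hex()
    return f"TYPE{rtype} \\# {len(rdata)}" + (f" {hexdata}" if hexdata else "")


def rfc3597_parse(text: str) -> tuple[int, bytes]:
    """Parse the generic form back; a declared length that disagrees with the hex is rejected."""
    fields = text.split()
    if len(fields) < 3 or not fields[0].upper().startswith("TYPE") or fields[1] != "\\#":
        raise ValueError("not RFC 3597 generic syntax")
    rtype, length = int(fields[0][4:]), int(fields[2])
    rdata = binascii.unhexlify("".join(fields[3:]))   # hex may be split over several words
    if len(rdata) != length:
        raise ValueError(f"declared {length} octets, got {len(rdata)}")
    return rtype, rdata


def txt_present(rdata: bytes) -> str:
    """TXT alternative: base64 text split into <character-string>s of at most 255 octets."""
    b64 = base64.b64encode(rdata).decode("ascii")
    return " ".join(f'"{b64[i:i + 255]}"' for i in range(0, len(b64), 255))


def txt_parse(text: str) -> bytes:
    """Re-join the quoted strings and decode; the consumer has to know to concatenate them."""
    return base64.b64decode("".join(re.findall(r'"([^"]*)"', text)))
```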