Re: [TLS] draft-ietf-tls-esni feedback

[Stephen Farrell <stephen.farrell@cs.tcd.ie>]

On 23/10/2019 17:13, Ben Schwartz wrote:
> On the topic of radical suggestions, here's another one:
> https://github.com/tlswg/draft-ietf-tls-esni/pull/186

How about a variant like this (which is maybe close to your
most recent email, not quite sure):

Names < N octets: pad those to N.

Names >= N octets: hash those and pad to N.

With N ~=64 I think that'd be ok, assuming we do some checking
that N covers a sufficient percentage of names in real use.

I think the WG could easily make the case that if some web
site really does need/want to hide in the crowd, they just
better not try do that with a gigantic DNS name.

Cheers,
S.

> 
> In brief, this replaces the variable-length name with a fixed-length
> hash, plus some accommodations to allow *.example.com,
> *.*.example.com, etc.
> 
> My hope is that this design would work in the architecture described
> by Watson, while saving ~220 bytes in each ClientHello.
> 
> One interesting feature of this design is that it doesn't require each
> wildcard domain to publish any unique DNS record.  Instead, all
> third-level wildcard customers can share a configuration, all
> fourth-level wildcard customers can share a configuration, etc.  This
> distinction is not visible in the TLS handshake, so the anonymity set
> is not reduced.
> 
> On Wed, Oct 23, 2019 at 10:53 AM Watson Ladd <watsonbladd@gmail.com> wrote:
>>
>> On Wed, Oct 23, 2019 at 7:35 AM Bill Frantz <frantz@pwpconsult.com> wrote:
>>>
>>> A perhaps radical suggestion:
>>>
>>> Make the server name field fixed length e.g. 256 bytes. Longer
>>> server names are not supported and clients MUST NOT send them.
>>> (Both client and server can't use them because they won't fit in
>>> the fixed length field.)
>>
>> The limit of server name in DNS is 260 bytes, so that limit already
>> exists. No reason to shorten it elsewhere!
>> --
>> "Man is born free, but everywhere he is in chains".
>> --Rousseau.
>>
>> _______________________________________________
>> TLS mailing list
>> TLS@ietf.org
>> https://www.ietf.org/mailman/listinfo/tls
>>
>> _______________________________________________
>> TLS mailing list
>> TLS@ietf.org
>> https://www.ietf.org/mailman/listinfo/tls