Re: [TLS] More issues with current ESNIKEYS DNS approach
Stephen Farrell <stephen.farrell@cs.tcd.ie> Sat, 30 March 2019 15:31 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 614331201E6 for <tls@ietfa.amsl.com>; Sat, 30 Mar 2019 08:31:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.3
X-Spam-Level:
X-Spam-Status: No, score=-4.3 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JmQ-0Mte09ue for <tls@ietfa.amsl.com>; Sat, 30 Mar 2019 08:31:03 -0700 (PDT)
Received: from mercury.scss.tcd.ie (mercury.scss.tcd.ie [134.226.56.6]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7E4411201B1 for <tls@ietf.org>; Sat, 30 Mar 2019 08:31:01 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by mercury.scss.tcd.ie (Postfix) with ESMTP id 9A0FDBF6D; Sat, 30 Mar 2019 15:30:58 +0000 (GMT)
X-Virus-Scanned: Debian amavisd-new at scss.tcd.ie
Received: from mercury.scss.tcd.ie ([127.0.0.1]) by localhost (mercury.scss.tcd.ie [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0iN0oQmFzI2M; Sat, 30 Mar 2019 15:30:56 +0000 (GMT)
Received: from [10.244.2.138] (95-45-153-252-dynamic.agg2.phb.bdt-fng.eircom.net [95.45.153.252]) by mercury.scss.tcd.ie (Postfix) with ESMTPSA id 90FD4BF6B; Sat, 30 Mar 2019 15:30:56 +0000 (GMT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cs.tcd.ie; s=mail; t=1553959856; bh=RjNInjCKNV6vPnbCGVUSy8n/X7HryhESJbn1BOYNiZA=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From; b=HFjO3ebbdYHqM/YX6G0pbAN3jXqS4DpAxu0Aj+Xc3nL+s+Q5LXW5nPc8KPO3+giPZ gGLDfqb8kJdxcpNIT1ekiJgVDlZ0y4zTrfbnzz8Ii8c2kDjgUkSuMhSeoswe0foXnJ 6j+IkI5wj/xm+2hhXSExBS4wwWWCIF7jbxP7knf4=
To: Erik Nygren <erik+ietf@nygren.org>, Christopher Wood <christopherwood07@gmail.com>
Cc: tls@ietf.org, Nick Sullivan <nick=40cloudflare.com@dmarc.ietf.org>
References: <CAO8oSX=sPoLo78oX4qEEyeuck7CxM_uAqYPHEsY7BuYqBUaorg@mail.gmail.com> <0b19d021-8101-23ee-2899-450d103a8906@cs.tcd.ie> <CABcZeBN0mf7VFCKKdg9gH0=tCS7eLZz6M5_WJdaNG7XrJeyESw@mail.gmail.com> <0b854704-8f93-f9ad-c067-67f7f73cbbbf@cs.tcd.ie> <CABcZeBM61u=DtjQh+NkQF47MLyZS4EyuGBjDnsfjxz-z5kfjoQ@mail.gmail.com> <1eaaebf3-6e8a-ae84-0ab3-f977295c0721@cs.tcd.ie> <CY4PR22MB09831CBC251393EE334905D4DA760@CY4PR22MB0983.namprd22.prod.outlook.com> <CAO8oSX=2N=_wvf3L=o6ou=zJaSHE4zpgQDK38QO99+ausYmEpQ@mail.gmail.com> <CAFDDyk_57De_xkXQmhfL_GdojMG0j-=RBhoTFReiCHyArobYWQ@mail.gmail.com> <CABcZeBPgcTyfA3GHkzcrXPO=dnj1Ea+U4fwcg=4mw6BbO-WkSA@mail.gmail.com> <CY4PR22MB0983DDBEC2B214D7EB1A261EDA770@CY4PR22MB0983.namprd22.prod.outlook.com> <CABcZeBMZWi5D0pxPZa3_CBZbWP19dPy0Cy9-h0HzuUJgtm_SsQ@mail.gmail.com> <CANatvzyoUXTdDYtjx7PWVOZViZ-R=qKwksPG9uns_yyZQgLJ0g@mail.gmail.com> <4156F6FA-2F6B-44D2-9894-0A8B80F08888@gmail.com> <CAKC-DJg7Q9jspuuCaJZtDFa0Yh0bScPowsDbgia9aTnRhF3s=Q@mail.gmail.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Openpgp: id=5BB5A6EA5765D2C5863CAE275AB2FAF17B172BEA; url=
Autocrypt: addr=stephen.farrell@cs.tcd.ie; prefer-encrypt=mutual; keydata= mQINBFo9UDIBEADUH4ZPcUnX5WWRWO4kEkHea5Y5eEvZjSwe/YA+G0nrTuOU9nemCP5PMvmh 5Cg8gBTyWyN4Z2+O25p9Tja5zUb+vPMWYvOtokRrp46yhFZOmiS5b6kTq0IqYzsEv5HI58S+ QtaFq978CRa4xH9Gi9u4yzUmT03QNIGDXE37honcAM4MOEtEgvw4fVhVWJuyy3w//0F2tzKr EMjmL5VGuD/Q9+G/7abuXiYNNd9ZFjv4625AUWwy+pAh4EKzS1FE7BOZp9daMu9MUQmDqtZU bUv0Q+DnQAB/4tNncejJPz0p2z3MWCp5iSwHiQvytYgatMp34a50l6CWqa13n6vY8VcPlIqO Vz+7L+WiVfxLbeVqBwV+4uL9to9zLF9IyUvl94lCxpscR2kgRgpM6A5LylRDkR6E0oudFnJg b097ZaNyuY1ETghVB5Uir1GCYChs8NUNumTHXiOkuzk+Gs4DAHx/a78YxBolKHi+esLH8r2k 4LyM2lp5FmBKjG7cGcpBGmWavACYEa7rwAadg4uBx9SHMV5i33vDXQUZcmW0vslQ2Is02NMK 7uB7E7HlVE1IM1zNkVTYYGkKreU8DVQu8qNOtPVE/CdaCJ/pbXoYeHz2B1Nvbl9tlyWxn5Xi HzFPJleXc0ksb9SkJokAfwTSZzTxeQPER8la5lsEEPbU/cDTcwARAQABtDJTdGVwaGVuIEZh cnJlbGwgKDIwMTcpIDxzdGVwaGVuLmZhcnJlbGxAY3MudGNkLmllPokCQAQTAQgAKgIbAwUJ CZQmAAULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAUCWj6jdwIZAQAKCRBasvrxexcr6o7QD/9m x9DPJetmW794RXmNTrbTJ44zc/tJbcLdRBh0KBn9OW/EaAqjDmgNJeCMyJTKr1ywaps8HGUN hLEVkc14NUpgi4/Zkrbi3DmTp25OHj6wXBS5qVMyVynTMEIjOfeFFyxG+48od+Xn7qg6LT7G rHeNf+z/r0v9+8eZ1Ip63kshQDGhhpmRMKu4Ws9ZvTW2ACXkkTFaSGYJj3yIP4R6IgwBYGMz DXFX6nS4LA1s3pcPNxOgrvCyb60AiJZTLcOk/rRrpZtXB1XQc23ZZmrlTkl2HaThL6w3YKdi Ti1NbuMeOxZqtXcUshII45sANm4HuWNTiRh93Bn5bN6ddjgsaXEZBKUBuUaPBl7gQiQJcAlS 3MmGgVS4ZoX8+VaPGpXdQVFyBMRFlOKOC5XJESt7wY0RE2C8PFm+5eywSO/P1fkl9whkMgml 3OEuIQiP2ehRt/HVLMHkoM9CPQ7t6UwdrXrvX+vBZykav8x9U9M6KTgfsXytxUl6Vx5lPMLi 2/Jrsz6Mzh/IVZa3xjhq1OLFSI/tT2ji4FkJDQbO+yYUDhcuqfakDmtWLMxecZsY6O58A/95 8Qni6Xeq+Nh7zJ7wNcQOMoDGj+24di2TX1cKLzdDMWFaWzlNP5dB5VMwS9Wqj1Z6TzKjGjru q8soqohwb2CK9B3wzFg0Bs1iBI+2RuFnxLkCDQRaPVAyARAA+g3R0HzGr/Dl34Y07XqGqzq5 SU0nXIu9u8Ynsxj7gR5qb3HgUWYEWrHW2jHOByXnvkffucf5yzwrsvw8Q8iI8CFHiTYHPpey 4yPVn6R0w/FOMcY70eTIu/k6EEFDlDbs09DtKcrsT9bmN0XoRxITlXwWTufYqUnmS+YkAuk+ TLCtUin7OdaS2uU6Ata3PLQSeM2ZsUQMmYmHPwB9rmf+q2I005AJ9Q1SPQ2KNg/8xOGxo13S VuaSqYRQdpV93RuCOzg4vuXtR+gP0KQrus/P2ZCEPvU9cXF/2MIhXgOz207lv3iE2zGyNXld /n8spvWk+0bH5Zqd9Wcba/rGcBhmX9NKKDARZqjkv/zVEP1X97w1HsNYeUFNcg2lk9zQKb4v l1jx/Uz8ukzH2QNhU4R39dbF/4AwWuSVkGW6bTxHJqGs6YimbfdQqxTzmqFwz3JP0OtXX5q/ 6D4pHwcmJwEiDNzsBLl6skPSQ0Xyq3pua/qAP8MVm+YxCxJQITqZ8qjDLzoe7s9X6FLLC/DA L9kxl5saVSfDbuI3usH/emdtn0NA9/M7nfgih92zD92sl1yQXHT6BDa8xW1j+RU4P+E0wyd7 zgB2UeYgrp2IIcfG+xX2uFG5MJQ/nYfBoiALb0+dQHNHDtFnNGY3Oe8z1M9c5aDG3/s29QbJ +w7hEKKo9YMAEQEAAYkCJQQYAQgADwUCWj1QMgIbDAUJCZQmAAAKCRBasvrxexcr6qwvD/9b Rek3kfN8Q+jGrKl8qwY8HC5s4mhdDJZI/JP2FImf5J2+d5/e8UJ4fcsT79E0/FqX3Z9wZr6h sofPqLh1/YzDsYkZDHTYSGrlWGP/I5kXwUmFnBZHzM3WGrL3S7ZmCYMdudhykxXXjq7M6Do1 oxM8JofrXGtwBTLv5wfvvygJouVCVe87Ge7mCeY5vey1eUi4zSSF1zPpR6gg64w2g4TXM5qt SwkZVOv1g475LsGlYWRuJV8TA67yp1zJI7HkNqCo8KyHX0DPOh9c+Sd9ZX4aqKfqH9HIpnCL AYEgj7vofeix7gM3kQQmwynqq32bQGQBrKJEYp2vfeO30VsVx4dzuuiC5lyjUccVmw5D72J0 FlGrfEm0kw6D1qwyBg0SAMqamKN6XDdjhNAtXIaoA2UMZK/vZGGUKbqTgDdk0fnzOyb2zvXK CiPFKqIPAqKaDHg0JHdGI3KpQdRNLLzgx083EqEc6IAwWA6jSz+6lZDV6XDgF0lYqAYIkg3+ 6OUXUv6plMlwSHquiOc/MQXHfgUP5//Ra5JuiuyCj954FD+MBKIj8eWROfnzyEnBplVHGSDI ZLzL3pvV14dcsoajdeIH45i8DxnVm64BvEFHtLNlnliMrLOrk4shfmWyUqNlzilXN2BTFVFH 4MrnagFdcFnWYp1JPh96ZKjiqBwMv/H0kw==
Message-ID: <93e145e9-2376-0520-e837-e70fdc729b17@cs.tcd.ie>
Date: Sat, 30 Mar 2019 15:30:55 +0000
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.5.1
MIME-Version: 1.0
In-Reply-To: <CAKC-DJg7Q9jspuuCaJZtDFa0Yh0bScPowsDbgia9aTnRhF3s=Q@mail.gmail.com>
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="M5vKhPHeOsM4fBb5BqblRuD9J2FhKGyRd"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/I324iXhV4DDAyM9-Cd392HwZ004>
Subject: Re: [TLS] More issues with current ESNIKEYS DNS approach
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 30 Mar 2019 15:31:06 -0000
Hiya, On 29/03/2019 21:44, Erik Nygren wrote: > Following the discussion this week I realized some other major issues we'll > need to make sure we cover: > > 1) Handling proxies here is going to be tricky. The CONNECTi generally > needs to specify the hostname which needs to go to the server which has the > ESNI key for what gets sent in the TLS handshake. IPs don't come into play > here at all. The only thing I can think of for handling this is to pass > the canonical name to the CONNECT when using a proxy, and making sure that > the canonical name is specific to a CDN. There may be some related issues > in non-proxy environments. What do you mean by "canonical name"? (I wish we had a canonical set of definitions for the names involved in ESNI! Maybe I'll try craft some if nobody else has...) > 2) The extension model breaks down if not all CDNs send it as mandatory. > In the hallway, Chris suggested we could require at least one extension be > manditory in any ESNIKey record in DNS. There could be a bunch of similar > corner cases. This issue also applies to switching off of using ESNIKeys > (eg, if there had been no extension included). IMO there should be no extensions defined or needed for ESNIKeys - we have the RRTYPE and internal version number which should be enough. > 3) Trusting A and AAAA records from the EDNSKeys is going to break > environments relying on /etc/resolv.conf for spoofing to staging or other > testing environments. (Services and Support staff will likely be unhappy > as they do this all the time.) That kind of thing and your points about the number of addresses involved make me wonder if #136 is really a viable approach. I'm generally not sure if the problem motivating #136 will turn out to be as bad as feared, esp. if the same DoH/DoT session can be used for the ESNIKeys and A/AAAA queries (though I'm also not sure if browsers could easily ensure that.) I guess maybe more testing may tell us more as DoH/DoT get better deployed. S. > > On Sat, Mar 9, 2019 at 9:08 PM Christopher Wood <christopherwood07@gmail.com> > wrote: > >>>> i'd also like to hear from CDNs about whether their address ranges >>>> are really small enough to not make the list of ranges prohobitive. >> > > At least for one CDN, there are tens to hundreds of possible A/AAAA records > that could be used in a given cluster, and then many thousands of > clusters. Especially on IPv4 this space is not dense as some comes from > local provider space. (The net result for each is far more IPv4 and IPv6 > addresses than can be enumerated reasonably.) > > Some additional minor issues we'll want to address or specify, regardless, > if we take this path: > > * We'll want to make sure to specify that clients must round-robin or > permute the A and AAAA records included in the address list. Typically > most recursive and/or stub resolvers handle this, but since it's all in one > RR and not an RRSET it will be on clients to do this properly. > > * We may wish to provide guidance on how to handle A vs AAAA (eg, reference > RFC 8305). One thing that clients may lose out on is support features > provided by the OS, such as those which sort results based on past > knowledge about RTT and the like. > > I'm increasingly thinking that while we may wish to define a > general-purpose ESNIKEY record for use by generic applications, we may wish > to define application-protocol specific use-cases and bindings for some of > the most persnickety applications. For example, an HTTP-specific "HTTPS" > record that combined ALTSVC, ESNIKEY, and "ANAME" style information may > solve a bunch of these issues together. I've been talking to some folks > and am tempted to try writing up a draft on this. (Mail might be another > case that will just want its own binding...) > > Erik > > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls >
- [TLS] Two Multi-CDN proposals Christopher Wood
- Re: [TLS] Two Multi-CDN proposals Mike Bishop
- Re: [TLS] Two Multi-CDN proposals Christopher Wood
- Re: [TLS] Two Multi-CDN proposals Stephen Farrell
- Re: [TLS] Two Multi-CDN proposals Eric Rescorla
- Re: [TLS] Two Multi-CDN proposals Stephen Farrell
- Re: [TLS] Two Multi-CDN proposals Eric Rescorla
- Re: [TLS] Two Multi-CDN proposals Kazuho Oku
- Re: [TLS] Two Multi-CDN proposals Stephen Farrell
- Re: [TLS] Two Multi-CDN proposals Eric Rescorla
- Re: [TLS] Two Multi-CDN proposals Stephen Farrell
- Re: [TLS] Two Multi-CDN proposals Eric Rescorla
- Re: [TLS] Two Multi-CDN proposals Stephen Farrell
- Re: [TLS] Two Multi-CDN proposals Christopher Wood
- Re: [TLS] Two Multi-CDN proposals Mike Bishop
- Re: [TLS] Two Multi-CDN proposals Stephen Farrell
- Re: [TLS] Two Multi-CDN proposals Mike Bishop
- Re: [TLS] Two Multi-CDN proposals Christopher Wood
- Re: [TLS] Two Multi-CDN proposals Nick Sullivan
- Re: [TLS] Two Multi-CDN proposals Eric Rescorla
- Re: [TLS] Two Multi-CDN proposals Mike Bishop
- Re: [TLS] Two Multi-CDN proposals Eric Rescorla
- Re: [TLS] Two Multi-CDN proposals Kazuho Oku
- Re: [TLS] Two Multi-CDN proposals Kazuho Oku
- Re: [TLS] Two Multi-CDN proposals Christopher Wood
- [TLS] More issues with current ESNIKEYS DNS appro… Erik Nygren
- Re: [TLS] More issues with current ESNIKEYS DNS a… Stephen Farrell