IETF Logo Mail Archive

Re: [TLS] Final nail in the coffin for cleartext SNI/ALPN in TLS 1.3

Juho Vähä-Herttua <juhovh@iki.fi> Tue, 12 November 2013 10:09 UTC

Return-Path: <juhovh@iki.fi>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4418B11E80F1 for <tls@ietfa.amsl.com>; Tue, 12 Nov 2013 02:09:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.903
X-Spam-Level:
X-Spam-Status: No, score=-0.903 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, MIME_8BIT_HEADER=0.3, MIME_QP_LONG_LINE=1.396]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id bl3j+aq5dXJ9 for <tls@ietfa.amsl.com>; Tue, 12 Nov 2013 02:09:24 -0800 (PST)
Received: from gw03.mail.saunalahti.fi (gw03.mail.saunalahti.fi [195.197.172.111]) by ietfa.amsl.com (Postfix) with ESMTP id 77E4D21E80E7 for <tls@ietf.org>; Tue, 12 Nov 2013 02:09:14 -0800 (PST)
Received: from [10.176.133.178] (85-76-119-92-nat.elisa-mobile.fi [85.76.119.92]) by gw03.mail.saunalahti.fi (Postfix) with ESMTP id 22BC721698D; Tue, 12 Nov 2013 12:09:09 +0200 (EET)
References: <20131112005546.D6E781AA7B@ld9781.wdf.sap.corp>
Mime-Version: 1.0 (1.0)
In-Reply-To: <20131112005546.D6E781AA7B@ld9781.wdf.sap.corp>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Message-Id: <DFB0ADD5-495D-4FEC-BF84-D209A41639C1@iki.fi>
X-Mailer: iPhone Mail (11B511)
From: Juho Vähä-Herttua <juhovh@iki.fi>
Date: Tue, 12 Nov 2013 12:05:32 +0200
To: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Final nail in the coffin for cleartext SNI/ALPN in TLS 1.3
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 12 Nov 2013 10:09:30 -0000

> On 12.11.2013, at 2.55, mrex@sap.com (Martin Rex) wrote:
> 
> To me, this is self-illusion.  Why should NSA look at SNI at all?

At this point I must point out that not everything is about NSA. There are certain countries that block DNS to the open internet and therefore all DNS queries are performed inside national borders. Some of these countries have also managed to block Tor with rather complicated active probing and IP blocks.

I can confirm that a working solution to easily get to services like google/facebook without full VPN is to edit /etc/hosts to point to some unblocked IP e.g. in Europe and use HTTPS. What makes me sad is the knowledge that SNI is leaking the hostname and makes those connections trivial to block, even though I haven't come across SNI based blocking yet.

I haven't put enough thought into this to say if encrypting SNI is technically feasible or adds too much complication. But I would like to hear how come in the situation I have just described (and have personally experienced) leaking SNI is not a problem? AFAIK these countries only do passive surveillance, because active surveillance would be too expensive and slow down connections too much.


Juho

v2.23.0 | Report a Bug | By Email