Re: [TLS] Possible blocking of Encrypted SNI extension in China

Rob Sayre <> Tue, 11 August 2020 23:24 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 467CA3A0E7A for <>; Tue, 11 Aug 2020 16:24:29 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2.097
X-Spam-Status: No, score=-2.097 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: (amavisd-new); dkim=pass (2048-bit key)
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id u-VytPa31eZE for <>; Tue, 11 Aug 2020 16:24:28 -0700 (PDT)
Received: from ( [IPv6:2607:f8b0:4864:20::12f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id DDA693A0E0F for <>; Tue, 11 Aug 2020 16:24:27 -0700 (PDT)
Received: by with SMTP id k4so69130ilr.12 for <>; Tue, 11 Aug 2020 16:24:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=tOnEomeSJ90Dh7Yfyh1vQyKOorf5AnjsD1DkUTRl/bM=; b=hr2Wb6yPa+4jQDfVWw3sfr1Nav6+H/MkEvGeRiypylHoW6eRi54EGtq/jVmHBPHseC 93LW+gml0VThgdvM9gDWaQ2nM8g06k0HCYrbB2iMZyDbsLvLTlY0C/y4oze3sLDWM/LR AqUDHDPJPi0nYKwM0WfZcfYyd0BOHgrr9XfL7/C6oLaLHH8BM46PBEUM9obW6/WgmLDI bRNwnB0WIQ1QdSoJVS8L1Vbo/+V2kQQ+/CnaJoHcuq3p7usZ3tqjy1jThdq4Z2MyUeRm HzekUjKHOjmAltiuxuxyOvi0RDVfA28ZCF0ZSOwm+0Eyx+WWGX1z5g2oFP6VUToD9hmC LSkA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=tOnEomeSJ90Dh7Yfyh1vQyKOorf5AnjsD1DkUTRl/bM=; b=EJpe+VXbPABC8mJhMbY8ok9wKyx639aFRzhCTTxIO8yyhijQmy/7fp01pHFL3vLFr2 wUTN2mXspAk7lDnXtv38vw44cC+l3ZN4WL9ABVqNGJiMeh0am05PK38VlJ0t/kF6BVIj bGo3bmFVqedt/o6KAyVwUkbEiufwS6YbU6WZmDo7iJ8rAPr1wbYnDCOzFotRdyo77XR3 +gpe6UuZ72WJrjHYnnoO2CHI3HHhIRvQL+u51qnFHtLH5IxA4MunG1SRWsPCj0rhXJnz u19YsfR3xTf43hppp7iOvaB5cEb8HhntLhMElKZX7yZs6dfxRtlmhjNNmMRGDvf3oq34 czxw==
X-Gm-Message-State: AOAM531k8QibD7fQQtw6krNfOQAtQGvR5o2yTOFZc0KM2gcF4mp40rTC eD37V/k5JzJXlckGR6xYse8ZZy6RebYaIZy0jmbzCyC/w0w=
X-Google-Smtp-Source: ABdhPJyw3k6Lm2PEEBVDTVqIobqS7X8U+kTOV5M5XWEk2mmPR2WAKNkVmvMZKNrC2PMIehylFGlbzA66T3dpRRXreSw=
X-Received: by 2002:a92:d1d0:: with SMTP id u16mr25731177ilg.49.1597188266833; Tue, 11 Aug 2020 16:24:26 -0700 (PDT)
MIME-Version: 1.0
References: <> <> <> <> <> <> <> <> <> <> <>
In-Reply-To: <>
From: Rob Sayre <>
Date: Tue, 11 Aug 2020 16:24:15 -0700
Message-ID: <>
To: "" <>
Content-Type: multipart/alternative; boundary="00000000000048bc2a05aca25f4c"
Archived-At: <>
Subject: Re: [TLS] Possible blocking of Encrypted SNI extension in China
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Tue, 11 Aug 2020 23:24:37 -0000

On Tue, Aug 11, 2020 at 3:42 PM David Fifield <> wrote:

> With that said about website fingerprinting, on the topic of inference
> using packet sizes, timing, and other metadata, I have been impressed
> with this series of articles on inference against TLS and HTTPS, which I
> think avoid common missteps:
>         "Enhanced telemetry for encrypted threat analytics"

Thanks for the links.

This 2016 paper is interesting. Understandably, it doesn't mention a bunch
of newer developments.

Its conclusion ends with:

"We identified features of a flow that can be easily collected, analyzed,
and stored such as
the sequence of packet lengths and times, the byte distribution, and the
TLS handshake
metadata. We showed how these data features can be combined with intuitive
learning models to accurately classify malicious, encrypted network flows."

It seems to me that a lot of these papers studied more predictable packet
sizes than they might get under ECH, and would have less cleartext metadata
available under ECH. Additionally, many of these papers probably used TLS
1.2 or earlier.