Re: [TLS] Encrypted SNI

Dave Garrett <davemgarrett@gmail.com> Wed, 07 June 2017 01:59 UTC

Return-Path: <davemgarrett@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 0F1E1129564; Tue, 6 Jun 2017 18:59:36 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Bh0zmisR7Ga5; Tue, 6 Jun 2017 18:59:27 -0700 (PDT)
Received: from mail-qt0-x242.google.com (mail-qt0-x242.google.com [IPv6:2607:f8b0:400d:c0d::242]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E0403129B02; Tue, 6 Jun 2017 18:59:20 -0700 (PDT)
Received: by mail-qt0-x242.google.com with SMTP id o21so23023612qtb.1; Tue, 06 Jun 2017 18:59:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:to:subject:date:user-agent:cc:references:in-reply-to :mime-version:content-transfer-encoding:message-id; bh=FhhoYt17/04c3UNPdD2jL0VFP6XvvdjUh7z75iTErGI=; b=cA/Juk2Dnr1w1HI3z2RfVVhN5d+miytkgLdpxYbbgJysj4V6es7CNG+gRIyyIHQKgA DBOUBBYtl+BhGEtowC2APLCYCawbBbLTssjW1i4f2S+Enld/SuQycZZ5lq96YGDe9y08 d8zzwtn1249wRL9sKdenHbk6p4zLznkIOcZoiHHmsuDn7N+UdjryBQYnhnAjpPLg5cMz VOicNRavHmg4/1S+oo3uifFrrzeINp4d6SbLGi2/EXQ4MskSBQyb3WLHCcyeumId+LfE GyABX4pLJNoEnLB8YXvrbu3nuplyeP2YAXO4AIaXUCmvPxDDtXgYnhwvCj9T130qj+vo B/KA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:subject:date:user-agent:cc:references :in-reply-to:mime-version:content-transfer-encoding:message-id; bh=FhhoYt17/04c3UNPdD2jL0VFP6XvvdjUh7z75iTErGI=; b=Rpf9Fd2h+biwMlaqBWTz4PwAzTJ1SFzd1Kwh9mF7AQPIlD/WACo6HLHbHhk0Bxigqb U9ky05DFFS0ImyznVFdwLDRIUUZOswXVgFEgQ3cjEMjMTwKivTaoY3ZgN91HvCMiYlYZ 6bbASBYPmLRwvxsg2bMkn07RU+OrGkt3sfC53YR5BV+caknNVPR+Tn6BEt6QPduEcyqW 5PNR0O+4cNy5cj2YZjkBN/58iS678xJVx+c/MOVDreJLLHs/DdMRNifvg17hHL7bB0/t EFT+tTHirem2VkhEuH6+yzPHUsVJI7ZUuC1GOnP3kEPRnf0Ip7Vqb2DEE2GmNk7YWJcK FbTw==
X-Gm-Message-State: AODbwcAdF8vezuGdbj6V8Z4iFqeRQAmpjcc7LewJS2Hz1jwK5wjGreoT zPB/Mea4g7uRdO8SF4I=
X-Received: by 10.237.42.129 with SMTP id t1mr23174680qtd.55.1496800759940; Tue, 06 Jun 2017 18:59:19 -0700 (PDT)
Received: from dave-laptop.localnet (pool-71-175-70-41.phlapa.fios.verizon.net. [71.175.70.41]) by smtp.gmail.com with ESMTPSA id l46sm162595qtb.21.2017.06.06.18.59.18 (version=TLS1 cipher=AES128-SHA bits=128/128); Tue, 06 Jun 2017 18:59:19 -0700 (PDT)
From: Dave Garrett <davemgarrett@gmail.com>
To: tls@ietf.org
Date: Tue, 6 Jun 2017 21:59:16 -0400
User-Agent: KMail/1.13.5 (Linux/2.6.32-74-generic-pae; KDE/4.4.5; i686; ; )
Cc: Toerless Eckert <tte@cs.fau.de>, Benjamin Kaduk <bkaduk@akamai.com>, "ops-dir@ietf.org" <ops-dir@ietf.org>, Benoit Claise <bclaise@cisco.com>, "sec-ads@ietf.org" <sec-ads@ietf.org>, "ops-ads@ietf.org" <ops-ads@ietf.org>, ops-chairs@ietf.org
References: <CAHbuEH4Bwr13T-cBFvLmUmn6KRzuNf1su6VTeJguyssk6S2z3g@mail.gmail.com> <2f5c3b10-0ad0-466a-03ef-495fa6acb7bc@akamai.com> <20170607003637.GI12522@faui40p.informatik.uni-erlangen.de>
In-Reply-To: <20170607003637.GI12522@faui40p.informatik.uni-erlangen.de>
MIME-Version: 1.0
Content-Type: Text/Plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
Message-Id: <201706062159.17282.davemgarrett@gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/NAH8Bp5duRhoXVDCD3IlEANVbpo>
Subject: Re: [TLS] Encrypted SNI
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 07 Jun 2017 01:59:36 -0000

Correct; certs are never in the clear. There is no scenario where anything will be unencrypted after the hellos in TLS 1.3+. If you're doing anything with an old system that relies on this, the general advice is to upgrade your old system to not do that anymore. If you're logging traffic from some server(s), log the traffic on those server(s) instead of MitMing. See old threads for more detail.


Dave


On Tuesday, June 06, 2017 08:36:38 pm Toerless Eckert wrote:
> So no options in TLS 1.3 that make it possible to see the server cert in the clear ?
> 
> On Sun, Jun 04, 2017 at 03:25:46PM -0500, Benjamin Kaduk wrote:
> > On 06/02/2017 08:28 AM, Toerless Eckert wrote:
> > > Another candidate use case coming to mind eg: auditing tht is required in many eg: financial
> > > environments. In the past i have seen even the requirement for the whole data streams to be unencrypted
> > > for auditing. Maybe that market segment would also be able to get more privacy but maintain a
> > > relevant level of auditing if the auditing relevant class of information was visible via
> > > the cert.
> > 
> > That use case has been extensively discussed (look for the thread
> > "Industry Concerns about TLS 1.3", also a fair bit of hallway
> > discussions), and was not seen to provide a compelling argument for any
> > change in TLS 1.3.  There are purely server-side options that should be
> > able to provide the necessary functionality (crypto details omitted for
> > now).