Re: [TLS] GREASE ECH repeated value after HRR

David Benjamin <davidben@chromium.org> Tue, 17 August 2021 20:15 UTC

References: <83a2b693-b464-693a-b87f-74193095a082@cs.tcd.ie>
In-Reply-To: <83a2b693-b464-693a-b87f-74193095a082@cs.tcd.ie>
From: David Benjamin <davidben@chromium.org>
Date: Tue, 17 Aug 2021 16:15:28 -0400
Message-ID: <CAF8qwaDPkxZy=cW2S80r8runfh7gzwgq2izr6NdpBBfVRa9GkA@mail.gmail.com>
To: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Cc: "tls@ietf.org" <tls@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/RfhYqe4nuX66I1zY5vetoAXkGzA>
Subject: Re: [TLS] GREASE ECH repeated value after HRR

It's because of the rules in RFC8446. If the server doesn't utter an
extension in HelloRetryRequest, the client is not allowed to change the
corresponding ClientHello extension. We found an implementation which
actually enforces this.
https://github.com/tlswg/draft-ietf-tls-esni/issues/358

David

On Tue, Aug 17, 2021 at 4:03 PM Stephen Farrell <stephen.farrell@cs.tcd.ie>
wrote:

>
> Hiya,
>
> (I'm just getting around to playing with draft-13 ECH and
> HRR and have a question...)
>
> In 6.2 talking about GREASEd ECH, the draft says:
>
>     If sending a second ClientHello in response to a
>     HelloRetryRequest, the client copies the entire
>     "encrypted_client_hello" extension from the first
>     ClientHello.  The identical value will reveal to an
>     observer that the value of "encrypted_client_hello" was
>     fake, but this only occurs if there is a
>     HelloRetryRequest.
>
> I don't object to that, but can't recall why we wanted
> the same value re-tx'd. (My code just naturally generated
> a new GREASE ECH value and it all worked fine, so being
> the lazy person I am, I'm wondering if doing nothing is
> a good option:-)
>
> Ta,
> S.
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>
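The rule David refers to (RFC 8446 section 4.1.2: the second ClientHello must be the first one unchanged, apart from the specific edits a HelloRetryRequest licenses) is easiest to see as the check a strict server performs. The following is an added illustration, not code from either poster or from any TLS implementation. It models a ClientHello as nothing more than its ordered list of (extension type, body) pairs, stands in a random 32-byte string for the GREASE ECH body, and assumes 0xfe0d as the draft-13 `encrypted_client_hello` code point (the logic does not depend on that value). It then builds two second ClientHellos, one that copies the GREASE ECH extension as draft-13 requires and one that regenerates it as Stephen's client did, and shows that only the copied one passes.

```python
import secrets
from typing import List, Tuple

# TLS extension code points (RFC 8446 section 4.2). The ECH value is an
# assumption: 0xfe0d is the draft-13 code point, and the check below would
# behave identically for any other value.
EXT_PADDING = 21
EXT_PRE_SHARED_KEY = 41
EXT_EARLY_DATA = 42
EXT_SUPPORTED_VERSIONS = 43
EXT_COOKIE = 44
EXT_KEY_SHARE = 51
EXT_ENCRYPTED_CLIENT_HELLO = 0xFE0D

# Simplified model: a hello is just its ordered extension list.
Extensions = List[Tuple[int, bytes]]


def check_second_client_hello(ch1: Extensions, hrr: Extensions, ch2: Extensions) -> Tuple[bool, str]:
    """Server-side enforcement of RFC 8446 section 4.1.2.

    The second ClientHello must equal the first except for: a replaced
    key_share (when the HRR carried key_share), an echoed cookie (when the
    HRR carried cookie), a removed early_data, an updated pre_shared_key
    and a changed padding extension. Anything else is a protocol violation.
    """
    hrr_types = {t for t, _ in hrr}
    ch1_map = dict(ch1)
    ch2_map = dict(ch2)

    # Nothing may disappear except early_data (padding is free-form anyway).
    for t in ch1_map:
        if t not in ch2_map and t not in (EXT_EARLY_DATA, EXT_PADDING):
            return False, f"extension {t:#06x} was removed"

    for t, body2 in ch2:
        if t not in ch1_map:
            # Only a cookie echoed from the HRR (or padding) may appear fresh.
            if t == EXT_COOKIE and EXT_COOKIE in hrr_types:
                continue
            if t == EXT_PADDING:
                continue
            return False, f"extension {t:#06x} was added"
        if ch1_map[t] == body2:
            continue
        # A changed body is allowed only where the RFC lists an exception.
        if t == EXT_KEY_SHARE and EXT_KEY_SHARE in hrr_types:
            continue  # shares replaced with the group the server asked for
        if t in (EXT_PRE_SHARED_KEY, EXT_PADDING):
            continue  # binders are recomputed over the new transcript
        return False, f"extension {t:#06x} changed but HelloRetryRequest did not carry it"

    # The relative order of retained extensions must be preserved as well.
    kept1 = [t for t, _ in ch1 if t in ch2_map]
    kept2 = [t for t, _ in ch2 if t in ch1_map]
    if kept1 != kept2:
        return False, "extension order changed"
    return True, "ok"


def grease_ech_extension() -> bytes:
    """Stand-in for a GREASE ECH body: fresh randomness on every call is the
    only property this example relies on (real GREASE mimics a ClientHelloOuter)."""
    return secrets.token_bytes(32)


def second_client_hello(ch1: Extensions, hrr: Extensions, new_key_share: bytes,
                        regenerate_grease: bool) -> Extensions:
    """Client side: rebuild the hello after an HRR, optionally making the
    mistake of drawing a new GREASE ECH value instead of copying the old one."""
    ch2: Extensions = []
    for t, body in ch1:
        if t == EXT_KEY_SHARE:
            body = new_key_share
        elif t == EXT_ENCRYPTED_CLIENT_HELLO and regenerate_grease:
            body = grease_ech_extension()
        ch2.append((t, body))
    for t, body in hrr:
        if t == EXT_COOKIE:
            ch2.append((EXT_COOKIE, body))  # echo the server's cookie
    return ch2


def demo() -> Tuple[Tuple[bool, str], Tuple[bool, str]]:
    """Constructed exchange: returns the verdicts for the copied and the
    regenerated GREASE ECH variants of the second ClientHello."""
    ch1: Extensions = [
        (EXT_SUPPORTED_VERSIONS, b"\x02\x03\x04"),          # TLS 1.3 only
        (EXT_KEY_SHARE, b"\x00\x1d" + b"\x11" * 32),        # x25519 share (constructed)
        (EXT_ENCRYPTED_CLIENT_HELLO, grease_ech_extension()),
    ]
    hrr: Extensions = [
        (EXT_SUPPORTED_VERSIONS, b"\x03\x04"),
        (EXT_KEY_SHARE, b"\x00\x17"),                       # server asks for secp256r1
        (EXT_COOKIE, b"cookie-bytes"),
    ]
    new_share = b"\x00\x17" + b"\x22" * 65
    copied = check_second_client_hello(ch1, hrr, second_client_hello(ch1, hrr, new_share, False))
    regenerated = check_second_client_hello(ch1, hrr, second_client_hello(ch1, hrr, new_share, True))
    return copied, regenerated


if __name__ == "__main__":
    print(demo())
```

The regenerated variant is rejected precisely because `encrypted_client_hello` is absent from the HelloRetryRequest, so there is no licensed reason for its body to differ; a server that is lenient about this simply never notices, which is why the behaviour "worked fine" against most peers.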