Re: [TLS] ESNI robustness and GREASE PRs
Ilari Liusvaara <ilariliusvaara@welho.com> Tue, 18 December 2018 09:00 UTC
Return-Path: <ilariliusvaara@welho.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2230B131132 for <tls@ietfa.amsl.com>; Tue, 18 Dec 2018 01:00:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yJtR6tqMTGoL for <tls@ietfa.amsl.com>; Tue, 18 Dec 2018 01:00:39 -0800 (PST)
Received: from welho-filter4.welho.com (welho-filter4.welho.com [83.102.41.26]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 1ADBB131100 for <tls@ietf.org>; Tue, 18 Dec 2018 01:00:37 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by welho-filter4.welho.com (Postfix) with ESMTP id C7EF04F8BE; Tue, 18 Dec 2018 11:00:34 +0200 (EET)
X-Virus-Scanned: Debian amavisd-new at pp.htv.fi
Received: from welho-smtp2.welho.com ([IPv6:::ffff:83.102.41.85]) by localhost (welho-filter4.welho.com [::ffff:83.102.41.26]) (amavisd-new, port 10024) with ESMTP id QeSNOXSVG3k3; Tue, 18 Dec 2018 11:00:34 +0200 (EET)
Received: from LK-Perkele-VII (87-92-19-27.bb.dnainternet.fi [87.92.19.27]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by welho-smtp2.welho.com (Postfix) with ESMTPSA id 445A872; Tue, 18 Dec 2018 11:00:32 +0200 (EET)
Date: Tue, 18 Dec 2018 11:00:31 +0200
From: Ilari Liusvaara <ilariliusvaara@welho.com>
To: David Benjamin <davidben@chromium.org>
Cc: "<tls@ietf.org>" <tls@ietf.org>
Message-ID: <20181218090031.GA28550@LK-Perkele-VII>
References: <CAF8qwaAh-eCLOR3YX3KoVWPe8=uquO+9wwbiSYpOyxvizBSeEg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
In-Reply-To: <CAF8qwaAh-eCLOR3YX3KoVWPe8=uquO+9wwbiSYpOyxvizBSeEg@mail.gmail.com>
User-Agent: Mutt/1.10.1 (2018-07-13)
Sender: ilariliusvaara@welho.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/RvsMwYbjlLI5-Vf_33GtX0FJpmE>
Subject: Re: [TLS] ESNI robustness and GREASE PRs
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Dec 2018 09:00:53 -0000
On Mon, Dec 17, 2018 at 05:17:37PM -0600, David Benjamin wrote: > Hi folks, > > We[*] wrote up some proposed changes for draft-ietf-tls-esni that we'd like > the group's thoughts on. The goal is to make ESNI more robust and eliminate > a bunch of deployment risks. The PRs are linked below: > > https://github.com/tlswg/draft-ietf-tls-esni/pull/124 > https://github.com/tlswg/draft-ietf-tls-esni/pull/125 > > The second recommends clients to send GREASE ESNI extensions when they do > not have cached ESNIKeys available. This better meets the "Do not stick > out" goal. The server behavior in the first PR gives us this for free. It seems to me that if server thinks it has ESNI enabled, but the client does not get ESNI keys for it, then all handshakes fall back to full handshake and session resumption will not work (as the server is required to reject the resumption)? Also, randomly generating the ESNI key handle does stick out, as normally the ESNI key is releatively static (DNS caching!) across whole group of domains and servers. -Ilari
- [TLS] ESNI robustness and GREASE PRs David Benjamin
- Re: [TLS] ESNI robustness and GREASE PRs Stephen Farrell
- Re: [TLS] ESNI robustness and GREASE PRs - client… David Fifield
- Re: [TLS] ESNI robustness and GREASE PRs Kazuho Oku
- Re: [TLS] ESNI robustness and GREASE PRs - client… David Benjamin
- Re: [TLS] ESNI robustness and GREASE PRs - client… David Fifield
- Re: [TLS] ESNI robustness and GREASE PRs - client… Viktor Dukhovni
- Re: [TLS] ESNI robustness and GREASE PRs Ilari Liusvaara
- Re: [TLS] ESNI robustness and GREASE PRs David Benjamin
- Re: [TLS] ESNI robustness and GREASE PRs - client… David Benjamin
- Re: [TLS] ESNI robustness and GREASE PRs Ilari Liusvaara
- Re: [TLS] ESNI robustness and GREASE PRs David Benjamin
- Re: [TLS] ESNI robustness and GREASE PRs David Benjamin
- Re: [TLS] ESNI robustness and GREASE PRs - client… Ilari Liusvaara