IETF Logo Mail Archive

Re: [TLS] Encrypting record headers: practical for TLS 1.3 after all?

Tony Arcieri <bascule@gmail.com> Sat, 28 November 2015 18:08 UTC

Return-Path: <bascule@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2CA071B3371 for <tls@ietfa.amsl.com>; Sat, 28 Nov 2015 10:08:31 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nEGFqAHWwU8g for <tls@ietfa.amsl.com>; Sat, 28 Nov 2015 10:08:29 -0800 (PST)
Received: from mail-ig0-x236.google.com (mail-ig0-x236.google.com [IPv6:2607:f8b0:4001:c05::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B3BC71B3370 for <tls@ietf.org>; Sat, 28 Nov 2015 10:08:29 -0800 (PST)
Received: by igbxm8 with SMTP id xm8so47515268igb.1 for <tls@ietf.org>; Sat, 28 Nov 2015 10:08:29 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type; bh=8KePz5uCNEdUmyCCyI/ou6Qb8TnzCZno/WFnNdc+ZnI=; b=LnhZ3BT7vrllJR7cun9VZhi1qYQx5IQbLS/OM1UITmddhHI8By+3bXqXpAkjWzcu2Z z1TRV14SfKwDCGeQiYAtQSFHqvqulhqTsODpwzGYCUUOAtplrUt29Qv8B170VVFbz+Nl ma2e6CXgQh1cpOh5OQYS583EH2mXZLyTvCKd/Qv9gy5nnWrKm2hghwllCePMYGOZVJHS DfefUN2L7c5z6HLS8yoO+wfFr4zo2Ix3ZwUlB+l4FRk4tp8caK6K5CXev0Fomi9Heyd+ NsxsN+hnD/H/kV+juV008XfXeKRXdvi1Zo3tM8FNk5yEqNlszdBX1GVVzCIRRHGlSGol sJqA==
X-Received: by 10.50.225.105 with SMTP id rj9mr14041525igc.55.1448734109049; Sat, 28 Nov 2015 10:08:29 -0800 (PST)
MIME-Version: 1.0
Received: by 10.79.33.21 with HTTP; Sat, 28 Nov 2015 10:08:09 -0800 (PST)
In-Reply-To: <5659DED3.3030908@zinks.de>
References: <56586A2F.1070703@gmail.com> <565882FE.80205@streamsec.se> <A62C0689-E779-483D-86FF-6DF095DC7A0F@proceranetworks.com> <56599884.2090609@streamsec.se> <5659D957.3030909@zinks.de> <5659DCD8.2030400@streamsec.se> <5659DED3.3030908@zinks.de>
From: Tony Arcieri <bascule@gmail.com>
Date: Sat, 28 Nov 2015 11:08:09 -0700
Message-ID: <CAHOTMVK2KHTW-BiEfTHANNCvWnek_Vk_=uTDdgh=n6WqrN3zvA@mail.gmail.com>
To: Roland Zink <roland@zinks.de>
Content-Type: multipart/alternative; boundary="001a11c3a57cf1ac0d05259db1de"
Archived-At: <http://mailarchive.ietf.org/arch/msg/tls/S7_DV8B_dGIE7LAyUe7AM9yK_1Y>
Cc: "<tls@ietf.org>" <tls@ietf.org>
Subject: Re: [TLS] Encrypting record headers: practical for TLS 1.3 after all?
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 28 Nov 2015 18:08:31 -0000

On Sat, Nov 28, 2015 at 10:05 AM, Roland Zink <roland@zinks.de> wrote:

> Am 28.11.2015 um 17:56 schrieb Henrick Hellström:
>
>> AFAIK, HTTP 1.1 browsers typically don't send a new request over an open
>> connection, before it has received the response to the previous request. If
>> that is the case, it is trivial to get the message lengths from the
>> traffic, with or without encrypted TLS record headers. IOW you gain nothing
>> by encrypting the length fields.
>>
>> I think this is what browsers do by default. For HTTP2 this should be
> different.


This is HTTP/1.1 pipelining, which is supported by most browsers but
typically disabled by default as most servers don't support pipelining
correctly.

-- 
Tony Arcieri

v2.23.0 | Report a Bug | By Email