Re: [TLS] About encrypting SNI

Tim Bray <tbray@textuality.com> Tue, 20 May 2014 20:24 UTC

From: Tim Bray <tbray@textuality.com>
Date: Tue, 20 May 2014 13:24:12 -0700
To: Yoav Nir <ynir.ietf@gmail.com>
Cc: IETF TLS <tls@ietf.org>
Subject: Re: [TLS] About encrypting SNI
In-Reply-To: <C81C96A7-0878-4C84-AB8C-CF0BF11841F2@gmail.com>
Message-ID: <CAHBU6itFLCdcZWzrDv02h=3-HF9+uF+ymqFf1cbDYOdvG17nzg@mail.gmail.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/SUoTk3l8NX2JLw5QpZnCJYrAFys

On Tue, May 20, 2014 at 1:02 PM, Yoav Nir <ynir.ietf@gmail.com> wrote:

>
> The requirement for encrypted SNI is very simple. I want to browse certain
> web sites such that if people knew I was browsing them it might get me in
> trouble. We all like the example of a gay teenager in Uganda, but it could
> just as well be an American browsing a website advocating Shari’a law for
> all western countries landing in a no-flight list.
>
> Encrypting SNI would help if the “suspicious” web site is hosted by a
> hosting service, and there are multiple innocuous sites on the same IP
> address, and the traffic from the innocuous sites dominates the traffic to
> the server, and traffic for this site is not distinguishable by other means
> such as traffic analysis.  That’s a lot of ‘if’s up there, and if any of
> them fails, the adversary will know that I browsed the suspicious site.
> AFAIK Tor provides a far more robust protection of this kind of activity.
>

Let’s assume you are correct in all your assertions.  It is still the case
that every time you increase the proportion of the attack surface which is
encrypted, you increase the difficulty for snoopers. It is not a
requirement that you make the snoopers’ task impossible; in fact, all you
can ever do is crank up the difficulty for attackers. It seems obvious that
encrypting as much of connection setup as possible would increase attacker
difficulty so, if practical, it should be done.

>
> So I’m with Martin on this. If you need Tor, use Tor.
>
> Yoav
>


-- 
- Tim Bray (If you’d like to send me a private message, see
https://keybase.io/timbray)
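The point both messages turn on is that, in TLS 1.2 as deployed at the time of this thread, the server_name extension (RFC 6066) travels in the ClientHello before any key is established, so a passive observer on the path reads the hostname straight out of the first packet. The following is an added example, not code from the thread or from either author: it builds a minimal ClientHello for a constructed hostname, parses it the way a network monitor would, and then shows Yoav's co-hosting condition as a set inference (with SNI visible the observer learns the exact site; without it, only the set of names sharing that IP). The hostname, the cipher list and the co-hosted name set are assumptions for illustration.

```python
"""Passive-observer view of the TLS ClientHello (added example, not from the thread).

Builds a TLS 1.2 ClientHello with an optional server_name extension, then
extracts the SNI hostname from the cleartext record as an on-path snooper would.
All hostnames, the cipher list and the random bytes below are constructed.
"""
import struct

SNI_EXT_TYPE = 0x0000  # extension type "server_name", RFC 6066


def build_client_hello(hostname):
    """Return a TLS record carrying a ClientHello; hostname=None omits SNI.

    Random, session ID and cipher suites are placeholders (constructed)."""
    client_random = b"\x11" * 32
    session_id = b""
    cipher_suites = b"\xc0\x2f\xc0\x30\x00\x9c"  # three constructed suite IDs
    compression = b"\x00"                         # null compression only
    extensions = b""
    if hostname is not None:
        host = hostname.encode("idna")
        # ServerNameList: one entry of name_type host_name (0) + length + name
        sni_list = b"\x00" + struct.pack("!H", len(host)) + host
        sni_ext_body = struct.pack("!H", len(sni_list)) + sni_list
        sni_ext = struct.pack("!HH", SNI_EXT_TYPE, len(sni_ext_body)) + sni_ext_body
        extensions = struct.pack("!H", len(sni_ext)) + sni_ext
    body = (b"\x03\x03" + client_random
            + bytes([len(session_id)]) + session_id
            + struct.pack("!H", len(cipher_suites)) + cipher_suites
            + bytes([len(compression)]) + compression
            + extensions)
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body  # type client_hello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def extract_sni(record):
    """Return the host_name from a ClientHello record, or None.

    None also covers non-handshake records, non-ClientHello messages and
    truncated input; a monitor must not crash on garbage."""
    try:
        if len(record) < 5 or record[0] != 0x16:  # not a handshake record
            return None
        rec_len = struct.unpack("!H", record[3:5])[0]
        hs = record[5:5 + rec_len]
        if hs[0] != 0x01:                          # not a ClientHello
            return None
        hs_len = int.from_bytes(hs[1:4], "big")
        body = hs[4:4 + hs_len]
        if len(body) != hs_len:
            return None
        pos = 2 + 32                               # skip version + random
        sid_len = body[pos]
        pos += 1 + sid_len
        cs_len = struct.unpack("!H", body[pos:pos + 2])[0]
        pos += 2 + cs_len
        comp_len = body[pos]
        pos += 1 + comp_len
        if pos + 2 > len(body):                    # no extensions block at all
            return None
        ext_len = struct.unpack("!H", body[pos:pos + 2])[0]
        pos += 2
        end = pos + ext_len
        while pos + 4 <= end:
            ext_type, ext_body_len = struct.unpack("!HH", body[pos:pos + 4])
            pos += 4
            ext_body = body[pos:pos + ext_body_len]
            pos += ext_body_len
            if ext_type != SNI_EXT_TYPE:
                continue
            list_len = struct.unpack("!H", ext_body[:2])[0]
            lp = 2
            while lp + 3 <= 2 + list_len:
                name_type = ext_body[lp]
                name_len = struct.unpack("!H", ext_body[lp + 1:lp + 3])[0]
                name = ext_body[lp + 3:lp + 3 + name_len]
                lp += 3 + name_len
                if name_type == 0:                 # host_name
                    return name.decode("idna")
        return None
    except (IndexError, struct.error, UnicodeError):
        return None


def observer_inference(record, hosted_on_ip):
    """What an on-path observer can conclude about the destination site.

    With cleartext SNI the answer is exact. If the name were hidden, the
    observer is left with every name co-hosted on the destination IP, which
    is only useful cover when that set is large and its traffic mix is not
    otherwise distinguishable (Yoav's list of 'if's)."""
    name = extract_sni(record)
    return {name} if name is not None else set(hosted_on_ip)


if __name__ == "__main__":
    cohosted = {"a.example", "b.example", "example.invalid"}  # constructed
    print(observer_inference(build_client_hello("example.invalid"), cohosted))
    print(observer_inference(build_client_hello(None), cohosted))
```

The second print is the best case for hiding the name: the observer's candidate set collapses to the co-hosted names only, and the remaining signals (destination IP, timing, sizes) are exactly the traffic-analysis channels Yoav's conditions list.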