IETF Logo Mail Archive

Re: [TLS] draft-ietf-tls-esni feedback

"Salz, Rich" <rsalz@akamai.com> Tue, 22 October 2019 16:46 UTC

Return-Path: <rsalz@akamai.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 50E8D120073 for <tls@ietfa.amsl.com>; Tue, 22 Oct 2019 09:46:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=akamai.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GidWWbqFcU18 for <tls@ietfa.amsl.com>; Tue, 22 Oct 2019 09:46:45 -0700 (PDT)
Received: from mx0b-00190b01.pphosted.com (mx0b-00190b01.pphosted.com [67.231.157.127]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B2E7C12004A for <tls@ietf.org>; Tue, 22 Oct 2019 09:46:45 -0700 (PDT)
Received: from pps.filterd (m0122330.ppops.net [127.0.0.1]) by mx0b-00190b01.pphosted.com (8.16.0.42/8.16.0.42) with SMTP id x9MGRWkR026246; Tue, 22 Oct 2019 17:44:36 +0100
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=akamai.com; h=from : to : cc : subject : date : message-id : references : in-reply-to : content-type : mime-version; s=jan2016.eng; bh=iDE7qcZTqpcuCG5nSyhQsujOR6JiyiRKwSuTDKfQejQ=; b=fZCblB8C6p2/0NlOLbmsjbYv8jrq8lUHl3JDEWx3BSDJhIwJw7UsXNBIeZ2plg8iXgjt 83VljrLsWTtTwC/8YOt8sGjIH83mM2mzGx0J99S+Y9qdQxRrxfslPVhg5LSfDVwcvwGR kVIvuUhSYCfUdEJNshsJ6w/b+XL+HFbk2DkTTRnRbZyGxQIYsWaanSfLGWsszP7b6WJ1 x72pVCXTVohwuJLsuHvVoMG9lU0/bREs5SvDrpUD8huVpTeIE7H5OVpoax0YB2A7RlJ+ XON1XqP9A3ovSI5Pq7ezle22nius7vuRmMoOLHSaWSseCENEmy1HBKTXZ7Cahm4QJEjB sw==
Received: from prod-mail-ppoint5 (prod-mail-ppoint5.akamai.com [184.51.33.60] (may be forged)) by mx0b-00190b01.pphosted.com with ESMTP id 2vqt4uxxeg-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Tue, 22 Oct 2019 17:44:36 +0100
Received: from pps.filterd (prod-mail-ppoint5.akamai.com [127.0.0.1]) by prod-mail-ppoint5.akamai.com (8.16.0.27/8.16.0.27) with SMTP id x9MGX3o3003624; Tue, 22 Oct 2019 09:44:35 -0700
Received: from email.msg.corp.akamai.com ([172.27.123.31]) by prod-mail-ppoint5.akamai.com with ESMTP id 2vr0f8cqfc-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT); Tue, 22 Oct 2019 09:44:35 -0700
Received: from USMA1EX-DAG1MB3.msg.corp.akamai.com (172.27.123.103) by usma1ex-dag1mb4.msg.corp.akamai.com (172.27.123.104) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Tue, 22 Oct 2019 12:44:34 -0400
Received: from USMA1EX-DAG1MB3.msg.corp.akamai.com ([172.27.123.103]) by usma1ex-dag1mb3.msg.corp.akamai.com ([172.27.123.103]) with mapi id 15.00.1473.005; Tue, 22 Oct 2019 12:44:34 -0400
From: "Salz, Rich" <rsalz@akamai.com>
To: Rob Sayre <sayrer@gmail.com>, Stephen Farrell <stephen.farrell@cs.tcd.ie>
CC: "TLS@ietf.org" <tls@ietf.org>
Thread-Topic: [TLS] draft-ietf-tls-esni feedback
Thread-Index: AQHVh48Xcu8AFw12IkSiVjKLPouzoadlVIKAgAAYE4CAAAJ1AIAABCaAgAAeVgCAABO4AIAAA+OAgAAJKICAAAV3gIAAAoUAgAABPQCAAAKMgIAAhyYAgABSCwCAAG5ZgIAAAvSAgAAVAoD//8NLAA==
Date: Tue, 22 Oct 2019 16:44:34 +0000
Message-ID: <BE5E7283-6EF4-4113-ADBA-7790A5DFACD8@akamai.com>
References: <CAChr6Sw3f7du3JYxfcWSZje1zjDzsRBQyDjob-AvzjWeZzKW7g@mail.gmail.com> <CAChr6SwB+7Jt2TLJSQh3q=Roizdt2=9jCBa9nq8KRxRo=86uZQ@mail.gmail.com> <CABcZeBNBtDK7q175tseEUiCVds=khj4xXYJZRf7GU9VGNDJ_Tg@mail.gmail.com> <CAChr6Sz6xHtFWjOKrLp3sp9MpC-SoU9Sx=vk22ditjShA7B=Kg@mail.gmail.com> <CABcZeBOnE+gyNu7GarAfO0bptoPfzQQ=VKeWLdpJBDM=E4yhzg@mail.gmail.com> <CAChr6SxWE66jPRbnBRtwNSn3L+uNFkoFBbYNOBAkKDN05qotoA@mail.gmail.com> <CABcZeBOy8ogJrmFajxX1pqjqgnE61gE=c3CWz+pp34NWHmGKbw@mail.gmail.com> <03e15760-dfce-cd7b-baea-56ac70d92192@cs.tcd.ie> <CAChr6SzmpSn3Q8tBi+Pdc+Bq7stiukbufbh-jDt+AEtrkV8XGg@mail.gmail.com> <f87c2916-d03d-2715-7b36-7b70fead8df4@cs.tcd.ie> <CAChr6SxfT0ed5J89siGX23A0G77BJQWxFRDoJ1w0v7=5O0KERw@mail.gmail.com> <8063bb12-8462-53fa-fa62-1e5abb1a652e@cs.tcd.ie> <CAHbrMsBPJqzaUSa42gGq45MfsTvCVW7t95q3feWEiSYeSN9ocw@mail.gmail.com> <333fde42-76f9-1af3-0f0f-c70914b0222e@cs.tcd.ie> <CAHbrMsA0PFwvu3hvZgXMbe2Buzq9dQHgNJJLOqtyMUzb-qpc0A@mail.gmail.com> <04a5a50a-3268-d9fb-de16-abb9224409ed@cs.tcd.ie> <CAChr6SySVXsH1J7KGDJjjB=wdxhdaCe207pLn2fGFMmDb1q82w@mail.gmail.com>
In-Reply-To: <CAChr6SySVXsH1J7KGDJjjB=wdxhdaCe207pLn2fGFMmDb1q82w@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-MacOutlook/10.1e.0.191013
x-ms-exchange-messagesentrepresentingtype: 1
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [172.19.38.15]
Content-Type: multipart/alternative; boundary="_000_BE5E72836EF44113ADBA7790A5DFACD8akamaicom_"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-10-22_03:, , signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 suspectscore=0 malwarescore=0 phishscore=0 bulkscore=0 spamscore=0 mlxscore=0 mlxlogscore=843 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1908290000 definitions=main-1910220139
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:6.0.95,1.0.8 definitions=2019-10-22_03:2019-10-22,2019-10-22 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 mlxlogscore=831 lowpriorityscore=0 phishscore=0 malwarescore=0 adultscore=0 priorityscore=1501 mlxscore=0 bulkscore=0 spamscore=0 suspectscore=0 impostorscore=0 clxscore=1015 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.12.0-1908290000 definitions=main-1910220139
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/U6SiabcwJW-jSzIlbHyQhP291Lo>
Subject: Re: [TLS] draft-ietf-tls-esni feedback
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 22 Oct 2019 16:46:47 -0000

>I don’t think the DNS record should dictate the padding so precisely. I’d like my client to send 260 (or whatever the right number is) whenever possible. As specified, short TTLs and varying padding could be a problem.

I think varying padding to some fixed multiple is a good trade-off.  Apparently the next published draft will say that.

v2.23.0 | Report a Bug | By Email