Re: [TLS] Final nail in the coffin for cleartext SNI/ALPN in TLS 1.3
Watson Ladd <watsonbladd@gmail.com> Thu, 07 November 2013 16:40 UTC
In-Reply-To: <CA+BZK2qUE3oS6Sbp1HbKZ7Wgen9gEjjdepON1egLhGqCPpoVBw@mail.gmail.com>
References: <CA+BZK2qUE3oS6Sbp1HbKZ7Wgen9gEjjdepON1egLhGqCPpoVBw@mail.gmail.com>
Date: Thu, 07 Nov 2013 08:39:53 -0800
Message-ID: <CACsn0c=VWmsfxvE_17+FyBASUXPCNrS1FQQ02fzhF5rA6zx4wQ@mail.gmail.com>
From: Watson Ladd <watsonbladd@gmail.com>
To: Ralf Skyper Kaiser <skyper@thc.org>
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Final nail in the coffin for cleartext SNI/ALPN in TLS 1.3
On Thu, Nov 7, 2013 at 8:32 AM, Ralf Skyper Kaiser <skyper@thc.org> wrote:
> Hi,
>
> Thank you for the helpful TLS WG meeting yesterday at the IETF88 and to
> the WG for the excellent work on TLS.
>
> No consensus was reached on "Reduced RT handshake with privacy".
>
> Some thoughts why SNI (host name) and ALPN should be transmitted
> encrypted and not in clear.
>
> 1. Meta-data is important. Meta-data tells a lot about a person.
> Meta-data can get a user killed or worse. Transmitting the host-name
> (meta-data) in clear in TLS is not good (as in 'not good because it
> can get you killed' and there is no alternative for the user – unless
> the user is a tech-wizard).

They can use Tor. They need to anyway: reverse DNS lookups are not
rocket science.

> 2. What is the message to the user? TLS is secure – well, kind'a.
> TLS secures some things but that you read freedom4gays.com,
> secure.washingtonpost.com or myfavoritepoliticalparty.com is
> leaked – but we still call it secure???

This is as secure as sending a sealed envelope through the mail.

> 3. Governments just love filtering by site. (Block secure.twitter.com
> but not blub.com). Same goes for filtering by application (ALPN).
> Transmitting this information in clear plays into the hands of the
> adversary.
>
> There are other ways how an adversary can extract the same meta-data.
> This should not deter us from fixing it in TLS. Maybe we will find a
> solution for the other problems as well (like confidential DNS).

No, the other problem is you connect to the server and ask it to show
you a page, and learn what the server is. The sole exception is
multihosting, which is getting less common for various reasons.

> Fixing this in TLS increases the cost of surveillance. This is the goal.
>
> An adversary can no longer use passive surveillance to extract SNI/ALPN.
> The adversary is forced to do detectable active surveillance to get the
> meta-data.
>
> Those who give up security for a little bit of performance neither
> deserve security nor performance.
>
> Regards,
>
> Ralf
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls

-- 
"Those who would give up Essential Liberty to purchase a little
Temporary Safety deserve neither Liberty nor Safety."
-- Benjamin Franklin