Re: [TLS] Encrypting record headers: practical for TLS 1.3 after all?

Aaron Zauner <> Thu, 03 December 2015 14:08 UTC

Return-Path: <>
Received: from localhost ( []) by (Postfix) with ESMTP id E36F61A884C for <>; Thu, 3 Dec 2015 06:08:01 -0800 (PST)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1] autolearn=ham
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id 3I770jgU38O7 for <>; Thu, 3 Dec 2015 06:08:00 -0800 (PST)
Received: from ( [IPv6:2a00:1450:4010:c04::232]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by (Postfix) with ESMTPS id 4F52F1A885D for <>; Thu, 3 Dec 2015 06:07:53 -0800 (PST)
Received: by lbblt2 with SMTP id lt2so2223402lbb.3 for <>; Thu, 03 Dec 2015 06:07:51 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=gmail; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type; bh=1jRqhBPtk/Z4J/7M032lh5mesZwKsyBCaDsmCwZfT4g=; b=O5Qr7Cx0SLDCp3J7rwFK0oqZkRWF1evPMlYIwA6Dck76oJ7KG6t8tX3NtiQIIbY5qo iM73+ybXXqJeQtVsFJabBcKKuIOmX4JEO8bi79MB6DNHPvF71DxbXc0pkUQyBwho2PzO CzpdU8lZeWO9n3OcFMIm2wU0Gkd1OZ2lrCGrQ=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=20130820; h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to :cc:subject:references:in-reply-to:content-type; bh=1jRqhBPtk/Z4J/7M032lh5mesZwKsyBCaDsmCwZfT4g=; b=lUOMVaHdTvKx1HHZBCqghzs+GA12oE2reEjvNk/nI5FOek7NNh6yReWIEDPbuDaexR PLobVC+JtBFh2Ns8d37OKXMaodT2328URmlmdM5h6BPEf5i81mynJrQTt42AMEukxIyK ioKUYwqPcGtY5n9Z7GVZUunciSPhqROu0rWGwgmV1TXAsmOOMfZGm23fdNJNERo85Wci YHzhvNcOrZ48Ty95ZfIFh2GZvdII8uKTkE59IaxzIaHfVeFWba+c1jUBWOrL1yFOBW/f YQRYJ6N1d5fsuCgdQH6EFMWvd7NmV9G8i8zuiEYaz6sYQmeZYIdR5K70Y5JeCvCeGgw/ Yw2w==
X-Gm-Message-State: ALoCoQkOTDm1hgUWjKFXP37Fq4XmPeLMc4KRBLbA921odl5000O15yxocFzByDjoPE2zC4qI3Eya
X-Received: by with SMTP id dl3mr5729690lbc.27.1449151671378; Thu, 03 Dec 2015 06:07:51 -0800 (PST)
Received: from [] ([]) by with ESMTPSA id m64sm1413801lfd.45.2015. (version=TLS1 cipher=ECDHE-RSA-AES128-SHA bits=128/128); Thu, 03 Dec 2015 06:07:49 -0800 (PST)
Message-ID: <>
Date: Thu, 03 Dec 2015 15:07:43 +0100
From: Aaron Zauner <>
User-Agent: Postbox 3.0.11 (Macintosh/20140602)
MIME-Version: 1.0
To: Jacob Appelbaum <>
References: <> <> <> <> <> <> <> <> <> <>
In-Reply-To: <>
X-Enigmail-Version: 1.2.3
Content-Type: multipart/signed; micalg="pgp-sha512"; protocol="application/pgp-signature"; boundary="------------enig1FA06C24F62748E58F3EC6FA"
Archived-At: <>
Cc: "" <>
Subject: Re: [TLS] Encrypting record headers: practical for TLS 1.3 after all?
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 03 Dec 2015 14:08:02 -0000


Aaron Zauner wrote:
> No it's not. It's a very short presentation from a TLS-WG interim
> meeting. The threat-model concerns Akamai's (and other's) current and -
> possibly - future use of TLS. We're not trying to build an Onion routing
> protocol. Given the FUD on the Tor dev list, this is a good thing. While
> the presentation might have flaws from the perspective of an Onion
> routing protocol developer, it reflects the point of view of a lot of
> people/companies on this list, I assume.

I don't think traffic analysis is in the treat model for TLS proper. If
we wanted to circumvent traffic analysis we'd have to introduce noise
and randomness (Pond does a good job there using Tor and other
mechanisms). I don't see how we can engineer a low-latency (now even
0-RTT) network security protocol that will do that in a performant
manner. When time comes and people have 10-40-100GE at home, maybe.
Infiniband would be nice. But that will still leave out use for 3rd
world countries (which still run on XP anyway). This is a technical list
and we should keep politics and FUD aside as best as possible.

Greetings from a very empty Sinai peninsula,