IETF Logo Mail Archive

Re: [TLS] About encrypting SNI

Watson Ladd <watsonbladd@gmail.com> Tue, 13 May 2014 02:40 UTC

Return-Path: <watsonbladd@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 77CCE1A03BC for <tls@ietfa.amsl.com>; Mon, 12 May 2014 19:40:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id isIzsRwfql7x for <tls@ietfa.amsl.com>; Mon, 12 May 2014 19:40:52 -0700 (PDT)
Received: from mail-yh0-x231.google.com (mail-yh0-x231.google.com [IPv6:2607:f8b0:4002:c01::231]) by ietfa.amsl.com (Postfix) with ESMTP id 8C8991A03B9 for <tls@ietf.org>; Mon, 12 May 2014 19:40:52 -0700 (PDT)
Received: by mail-yh0-f49.google.com with SMTP id c41so7140929yho.36 for <tls@ietf.org>; Mon, 12 May 2014 19:40:46 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; bh=C0xEZISJuqqtmJdIDlYh6mhliSsm4eZBg1oiUgAADhA=; b=DwKf65lmN4NHINRMvJ/mzS66hYvug2UwKkBzPYtt/UZYrtGOL1QGYCGNgHdhiMyb1h S4uNHiIzygSaYHCxWMx2JcnN3vj6yZ3IhHw4Md7ayqJoEwTjAq5y5e1QJ5QyUNhfkwii 0FcA8oj28pWatvYL7EVewN5Rp+Z3JlvO8mUjxX4KJnyKVdm1YwfPmQknhYbd2Ag+o3Xp puMdROCCzZdb4jXSbqY8YWZxODvE8BlfxccFY7+Knu+SgI57EGiwHliXwDXr83Ky1Tp3 OGJOOfN69P2XtNo15bma3BG6YcNze3kov1YkXJOS1TQD5Bj/qNyG0pFg9XEFvPZ8Tk6N a32w==
MIME-Version: 1.0
X-Received: by 10.236.84.98 with SMTP id r62mr47394747yhe.9.1399948846358; Mon, 12 May 2014 19:40:46 -0700 (PDT)
Received: by 10.170.63.197 with HTTP; Mon, 12 May 2014 19:40:46 -0700 (PDT)
In-Reply-To: <53717B28.9080407@pobox.com>
References: <2A0EFB9C05D0164E98F19BB0AF3708C7120A04ED40@USMBX1.msg.corp.akamai.com> <CA+cU71kFo6EihTVUrRRtBYEHbZwCa9nZo-awt4Sub2qXcKHC7g@mail.gmail.com> <m2k3apmjk2.fsf@usma1mc-0csx92.kendall.corp.akamai.com> <CALCETrU6zn52yX=Q-_h4epR6W9+f2oTr3yfyK1sxiwGa2dvWGw@mail.gmail.com> <CAKC-DJgNvF=hhwoyRNkJ3vKz9EZ_JpoM84bCip6eProLwsQsEg@mail.gmail.com> <CALCETrWY_-N+nM9N0_gbeffkX5Jo8vn7XKeFCezGiwq2A74Wjw@mail.gmail.com> <CAKC-DJg6kRLezM+Q60VLY=dBU9C_Q9hb_0u7WD-HHWVJ5Y6tRQ@mail.gmail.com> <CALCETrX7Dv9_+uM7VqotHGurS+k6K5wKzeXEj7zuekd8+0qOJQ@mail.gmail.com> <566E6D8E-ACD5-4B21-9586-84C149F6A1B9@akamai.com> <CALCETrUi+fc9LW1iqx0bFuAsgygmeorR9AnzLN+abGx08y152A@mail.gmail.com> <5204AB60-0B32-4953-9D3D-C2756883D39D@akamai.com> <CALCETrXOaNihRRNQ3RQsctbipAGq67cSUofOm0AOb-YWENFFwQ@mail.gmail.com> <m238hblob1.fsf@usma1mc-0csx92.kendall.corp.akamai.com> <CABcZeBN0i9Su1SuY6AZE7MBbPEPXRKAVQ1k7b+vOJKfpPEw3Ww@mail.gmail.com> <859F43324A6FEC448BFEA30C90405FA9037D56@SEAEMBX02.olympus.F5Net.com> <53717B28.9080407@pobox.com>
Date: Mon, 12 May 2014 19:40:46 -0700
Message-ID: <CACsn0c=epMg1_AUrzCzy5QDkW7bfcrJ=CNKhCbNKSHO_vhfUWQ@mail.gmail.com>
From: Watson Ladd <watsonbladd@gmail.com>
To: Michael D'Errico <mike-list@pobox.com>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/dLp3eBZWj6RoStrdRhTio-246eM
Cc: TLS Mailing List <tls@ietf.org>
Subject: Re: [TLS] About encrypting SNI
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 13 May 2014 02:40:54 -0000

On Mon, May 12, 2014 at 6:53 PM, Michael D'Errico <mike-list@pobox.com> wrote:
> David Holmes wrote:
>>
>> ➢ so a server under load can, in the initial opportunistic encryption
>> phase, push back to a client and ask for a puzzle to be solved?
>>
>> I was describing this idea to a colleague, and the first thing he said was
>> "could you have the client mine some bitcoin for you? As a show of good
>> faith?"
>
>
> Sure!  After we get rid of TLS compression, RSA key transport, non-AEAD
> ciphers,
> and all the other crud, let's plug in Bitcoin!  ;-)

We're not getting rid of these things because they are needless
complexity (although they are) but because they are horrifically
broken.

Plugging in a puzzle consisting of doing some SHA-256 evaluations
doesn't open up any holes. It seems to solve a real security issue,
but might not be that effective: botnets have CPU to burn. I'm mildly
for it. And if someone makes it into an altcoin somehow we might
accidentally fix web micropayments.

I think bigger issues are ensuring the security properties in TLS 1.3
are what we want them to be (sine qua non), making it clear what you
have to implement to implement TLS, possibly letting alternatives to
X509 be of equal standing, tightening up the language to make the
first goal and second easier. Puzzles are a nice way to ensure DOS is
hard.

Sincerely,
Watson Ladd

> Mike
>
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls



-- 
"Those who would give up Essential Liberty to purchase a little
Temporary Safety deserve neither  Liberty nor Safety."
-- Benjamin Franklin

v2.23.0 | Report a Bug | By Email