Re: [TLS] Possible blocking of Encrypted SNI extension in China

Peter Gutmann <pgut001@cs.auckland.ac.nz> Wed, 12 August 2020 06:09 UTC

Return-Path: <pgut001@cs.auckland.ac.nz>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 835E53A106D for <tls@ietfa.amsl.com>; Tue, 11 Aug 2020 23:09:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.898
X-Spam-Level:
X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QybFj_CprktH for <tls@ietfa.amsl.com>; Tue, 11 Aug 2020 23:09:57 -0700 (PDT)
Received: from au-smtp-delivery-117.mimecast.com (au-smtp-delivery-117.mimecast.com [124.47.189.117]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AFE043A1068 for <tls@ietf.org>; Tue, 11 Aug 2020 23:09:56 -0700 (PDT)
Received: from AUS01-SY3-obe.outbound.protection.outlook.com (mail-sy3aus01lp2051.outbound.protection.outlook.com [104.47.117.51]) (Using TLS) by relay.mimecast.com with ESMTP id au-mta-14-9_FR1tx7PmWP6RcFCnpgDA-1; Wed, 12 Aug 2020 16:09:52 +1000
X-MC-Unique: 9_FR1tx7PmWP6RcFCnpgDA-1
Received: from SG2PR02CA0032.apcprd02.prod.outlook.com (2603:1096:3:18::20) by SYCPR01MB3854.ausprd01.prod.outlook.com (2603:10c6:10:3d::14) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3261.20; Wed, 12 Aug 2020 06:09:51 +0000
Received: from SG2APC01FT060.eop-APC01.prod.protection.outlook.com (2603:1096:3:18:cafe::f7) by SG2PR02CA0032.outlook.office365.com (2603:1096:3:18::20) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.3283.15 via Frontend Transport; Wed, 12 Aug 2020 06:09:51 +0000
X-MS-Exchange-Authentication-Results: spf=none (sender IP is 130.216.95.208) smtp.mailfrom=cs.auckland.ac.nz; huitema.net; dkim=none (message not signed) header.d=none;huitema.net; dmarc=none action=none header.from=cs.auckland.ac.nz;
Received: from uxcn13-ogg-d.UoA.auckland.ac.nz (130.216.95.208) by SG2APC01FT060.mail.protection.outlook.com (10.152.251.153) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384) id 15.20.3283.16 via Frontend Transport; Wed, 12 Aug 2020 06:09:50 +0000
Received: from uxcn13-tdc-d.UoA.auckland.ac.nz (10.6.3.5) by uxcn13-ogg-d.UoA.auckland.ac.nz (10.6.2.5) with Microsoft SMTP Server (TLS) id 15.0.1497.2; Wed, 12 Aug 2020 18:09:48 +1200
Received: from uxcn13-tdc-d.UoA.auckland.ac.nz ([fe80::99ff:fdcc:ecb:10c7]) by uxcn13-tdc-d.UoA.auckland.ac.nz ([fe80::99ff:fdcc:ecb:10c7%14]) with mapi id 15.00.1497.006; Wed, 12 Aug 2020 18:09:48 +1200
From: Peter Gutmann <pgut001@cs.auckland.ac.nz>
To: Rob Sayre <sayrer@gmail.com>
CC: Christian Huitema <huitema@huitema.net>, Christopher Wood <caw@heapingbits.net>, "TLS@ietf.org" <tls@ietf.org>
Thread-Topic: [TLS] Possible blocking of Encrypted SNI extension in China
Thread-Index: AQHWZo5K+iu3hjU4UEa0XHCZQtwYy6kfpOkAgA+KOACAAZBRDP//9AqAgAGtqQz//z7aAIAA1Exf//85pgAAGbGd0///O3IAgAAJ4ICAAM/+FP//TpcAgAIxp+U=
Date: Wed, 12 Aug 2020 06:09:48 +0000
Message-ID: <1597212593599.49404@cs.auckland.ac.nz>
References: <uGJxvVQRPcgn2GZKsKuuVN4SyTe7EOiV3iEK3Cq3Izo0ZstAh1LxEzMKrDZ_0VTrLqeYXQb4k1Qy5uJmEy04zNgngoHBONhVZnvddYYybt8=@iyouport.org> <71e4d18d-9ad8-fd72-729c-db5a0cf7593b@huitema.net> <20200809153526.vf5zlongieoswb22@bamsoftware.com> <1597030308337.61220@cs.auckland.ac.nz> <67d52e25-71ed-4584-b2c3-6a71a6bdd346@www.fastmail.com> <1597119980162.55300@cs.auckland.ac.nz> <b32110f8-c9ba-e8db-f136-7cc60eba54e4@huitema.net> <1597123970590.77611@cs.auckland.ac.nz> <CAChr6SzzuyB7sxXJQ4gNJwa3iaQcC5jGPE3-sgfY_EkB7DoykA@mail.gmail.com> <1597125488037.97447@cs.auckland.ac.nz> <CAChr6SxLAJyweEDHL48-hT3X=d5E6jNrWZheOt+fSydpS=HhQw@mail.gmail.com> <c7e033d9-aa39-1293-2233-4ebb8d1502dc@huitema.net> <1597130085200.4129@cs.auckland.ac.nz>, <CAChr6SypqD+J0LjJWxOQNQhXAvR7R4oLZQCKq_0PPbs+xjiSwg@mail.gmail.com>
In-Reply-To: <CAChr6SypqD+J0LjJWxOQNQhXAvR7R4oLZQCKq_0PPbs+xjiSwg@mail.gmail.com>
Accept-Language: en-NZ, en-GB, en-US
Content-Language: en-NZ
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [130.216.158.4]
MIME-Version: 1.0
X-EOPAttributedMessage: 0
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: a9a6572c-45ed-4d0b-d37b-08d83e865284
X-MS-TrafficTypeDiagnostic: SYCPR01MB3854:
X-Microsoft-Antispam-PRVS: <SYCPR01MB3854E61B5158F30C2BCAA18DEE420@SYCPR01MB3854.ausprd01.prod.outlook.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:6430;
X-MS-Exchange-SenderADCheck: 1
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: FYCgmuavbBo3vHA1Hq4wI0YYXoxyRK0xmVciWBFG1YTYVQUlxbKofr0ch5GPowBthi1L1f4wX4LF3Qub68KXKWlf2t8bXg4hjD92sbxK/GtzX1ZvuuMFmJL0vZPyRfrbN9c8iC3Gs8YQzbM32fJgdp3PymGLn9p69FH17Qc4s7CedG8mbdfOskNYtAaKoim6Fun8rNbsBKkzKdFk8c16l8O53qQ8yPeirOEuOfoHYgkKcCNx4we0kVtSv8JJelMZhXoiZS0+vnGJJs2NdedSS8/bs5VqrnquSeBRFI295S1RN9GsUDiWfq2Zn6XrCrrN/43OPEceol3v/22EXu/eUDG52jFlW/axOoXleLwH+ZKjDsWpR4BFid/sA9t/ugzGny6uC34tRKE6TS7OpiDWKA==
X-Forefront-Antispam-Report: CIP:130.216.95.208; CTRY:NZ; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:uxcn13-ogg-d.UoA.auckland.ac.nz; PTR:natgate1-1.auckland.ac.nz; CAT:NONE; SFTY:; SFS:(4636009)(39860400002)(136003)(346002)(396003)(376002)(46966005)(82310400002)(8936002)(82740400003)(186003)(7636003)(2616005)(4744005)(6916009)(47076004)(26005)(86362001)(8676002)(4326008)(786003)(316002)(54906003)(70586007)(2906002)(5660300002)(36906005)(70206006)(478600001)(356005)(336012); DIR:OUT; SFP:1101;
X-OriginatorOrg: cs.auckland.ac.nz
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 12 Aug 2020 06:09:50.1112 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: a9a6572c-45ed-4d0b-d37b-08d83e865284
X-MS-Exchange-CrossTenant-Id: d1b36e95-0d50-42e9-958f-b63fa906beaa
X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=d1b36e95-0d50-42e9-958f-b63fa906beaa; Ip=[130.216.95.208]; Helo=[uxcn13-ogg-d.UoA.auckland.ac.nz]
X-MS-Exchange-CrossTenant-AuthSource: SG2APC01FT060.eop-APC01.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SYCPR01MB3854
Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CAU17A13 smtp.mailfrom=pgut001@cs.auckland.ac.nz
X-Mimecast-Spam-Score: 0
X-Mimecast-Originator: cs.auckland.ac.nz
Content-Type: text/plain; charset=WINDOWS-1252
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/gSL-IQj2tvI34RSeyy_sj0mZUBQ>
Subject: Re: [TLS] Possible blocking of Encrypted SNI extension in China
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Aug 2020 06:09:59 -0000

Rob Sayre <sayrer@gmail.com> writes:

>I'm confused. That seems to be a bunch of boilerplate surrounding a Salon
>article from 2015:

I just took the first Google result that seems to cover the material...

>It also contains references to supplementary material, like whether
>Intelligent Design can be linked to information theory:
>
>I am not sure this issue is on topic for this list.

And Salon, which you linked to, has published articles on how vaccines cause
autism.  I'm sure readers will be able to tell the difference between a
discussion of KGB decloaking of CIA assets and anti-vaxxer stories.

>You could link it, perhaps.

See my comments in an earlier post, I don't catalogue every paper and preprint
and draft that comes across my desk...

Peter.