Re: [TLS] ESNI Android Implementation

Nick Sullivan <nick@cloudflare.com> Thu, 13 February 2020 21:35 UTC

Return-Path: <nick@cloudflare.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A212112026E for <tls@ietfa.amsl.com>; Thu, 13 Feb 2020 13:35:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cloudflare.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LpgHhWSxJsan for <tls@ietfa.amsl.com>; Thu, 13 Feb 2020 13:35:34 -0800 (PST)
Received: from mail-vk1-xa33.google.com (mail-vk1-xa33.google.com [IPv6:2607:f8b0:4864:20::a33]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7BC22120236 for <tls@ietf.org>; Thu, 13 Feb 2020 13:35:34 -0800 (PST)
Received: by mail-vk1-xa33.google.com with SMTP id b2so2020655vkk.4 for <tls@ietf.org>; Thu, 13 Feb 2020 13:35:34 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cloudflare.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=+Wl8T/5Ht6Uw2smTOjwD0LADeZJjpT+iOPjmZcpQhXM=; b=aAMmn2fPNFo/piesID+pffVyi4hXaw50x3MYnXUMDgkAyODSsXK+bpmGyAxVeiNiW2 DLLUzIeGVV9wLdbmkLpXh6fsGD0gkjUBNROC5IeGKW9CFJ7K9eJTLvRWs7t+IC7wqQug CIZCaN1rz5SuyweN3Eh6XXrNX4YQm+bJgdOXI=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=+Wl8T/5Ht6Uw2smTOjwD0LADeZJjpT+iOPjmZcpQhXM=; b=bmmzrjpsYCxps1KB7tPEzCxfSYtoMG87Oymddw+cO8RwrtTyCF/JiiKp83eHWudB0V ZUF6A2cG8Ixbrqsem698AZWkvyBSsMVj+q0+cSR+s/JCwWa4W7iuMEXJhPH3mdaWXvGW IQ6/LWEbQgX9ZR9zKq5c/v9+SjaE57EeRgVKQo9JpBkk/InLgTulY+DogIyN8kT4U1kI i/3HwCewN4mp1DrvgZWolAsZd/BIBRXc4qJvrGR7NOHpjfAFKag+enKbncyeci16Tiui bTIwwoneOC+ia5vR1zyi+a5VOVWRyIP+5CsQTg05v7An4rSt/lzHgAZbvnGqhJcL0os7 sLLw==
X-Gm-Message-State: APjAAAWVYB9FHNXdewlNij91b66KYPs632rUat6Q1nSoJ9JcEcexKNvh MmVu91EfEt8r3p1jBy4VHNkErG05asHrukczuqyprw==
X-Google-Smtp-Source: APXvYqwkvlbKVXVZWIxdrAjSFgSa0H4Exz9lWYmGguYEXbShrlexCqxzfXuJNcmqtGJlcekqmQm6mxq2C2nsWRL5tns=
X-Received: by 2002:a1f:a9d0:: with SMTP id s199mr61889vke.40.1581629733446; Thu, 13 Feb 2020 13:35:33 -0800 (PST)
MIME-Version: 1.0
References: <CALd5by3_MLtnjK1mygfWbEe=S83t2K3tvOcoUNgbBQJOYXgyXA@mail.gmail.com>
In-Reply-To: <CALd5by3_MLtnjK1mygfWbEe=S83t2K3tvOcoUNgbBQJOYXgyXA@mail.gmail.com>
From: Nick Sullivan <nick@cloudflare.com>
Date: Thu, 13 Feb 2020 13:34:15 -0800
Message-ID: <CAFDDyk_4NAsafb-Tf+7f0eGR=sKZxu_vSNS2K2T2-_DuXuefYg@mail.gmail.com>
To: Justice Parham <justking100@gmail.com>
Cc: "<tls@ietf.org>" <tls@ietf.org>
Content-Type: multipart/alternative; boundary="0000000000006dd4e4059e7bde63"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/gcfD3dtTOJjtuy9PRzXl0Iq_AXU>
Subject: Re: [TLS] ESNI Android Implementation
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 13 Feb 2020 21:35:37 -0000

Hi Justice,

Thanks for reaching out and welcome. At this point, another implementation
of draft-02 wouldn't hurt, but it also likely won't contribute much to the
development process for this document. We've learned what we can from -02
and the upcoming draft version will likely be radically different from the
existing published version, so you likely won't be able to re-use much
code. If it's possible for your schedule I recommend waiting or exploring
questions like how applications with different TLS stacks can get access to
ESNI records if they're fetched system-wide.

Nick

On Tue, Jan 21, 2020 at 12:30 AM Justice Parham <justking100@gmail.com>;
wrote:

> Hello tlsWG,
>
> First I would like to introduce myself to you. My name is Justice Parham
> (github mrsylerpowers) a current Senior Undergraduate Student at North
> Carolina A&T State University. As my senior project I decided to create a
> android system wide implementation of the ESNI Draft. I am planning on
> implementing draft-ietf-tls-esni-02 because this is the version that
> cloudflare currently has published on their servers. I am planning on
> upgrading to newer versions of ESNI as more implementations come out on the
> server side
>
> My question to everyone is if creating this implementation will hurt or
> help this document? I would really like for this to be a standard that is
> used everywhere in every browser and in every computer. But I understand draft-ietf-tls-sni-encryption
> 3.4
> <https://tools.ietf.org/html/draft-ietf-tls-sni-encryption-09#section-3.4>'s
> importance about not sticking out. Is there a time where vendors all plan
> to implement or do you think this is a perfect time to create this?
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>