Re: [TLS] Tonight's Encrypted SNI Hangout Session
David P <dbpaull1@gmail.com> Mon, 13 November 2017 18:45 UTC
Return-Path: <dbpaull1@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5EF31129B4C for <tls@ietfa.amsl.com>; Mon, 13 Nov 2017 10:45:55 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.749
X-Spam-Level:
X-Spam-Status: No, score=-1.749 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VgujnDPpLPoS for <tls@ietfa.amsl.com>; Mon, 13 Nov 2017 10:45:54 -0800 (PST)
Received: from mail-qt0-x236.google.com (mail-qt0-x236.google.com [IPv6:2607:f8b0:400d:c0d::236]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C50DA129B49 for <tls@ietf.org>; Mon, 13 Nov 2017 10:45:53 -0800 (PST)
Received: by mail-qt0-x236.google.com with SMTP id 8so20834013qtv.1 for <tls@ietf.org>; Mon, 13 Nov 2017 10:45:53 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=vSu2ln8dpINvW1/tLcLGsqROhcZSGATJ3fxyhIZ1UpE=; b=N4eFWWjKYpkcVWi9DiiAMgMpWkiluEk2DAd+fR/5ri51iqBuQljlDfMr46D7WW7Ax5 8IfT/bUYNnsi3BIx5SYrSs25PXGhp6iC5y9xRalTX1o1S5RWXDMow2wH3VnWLIKZKckG fBISuoQQIFYCt7pM3Bqt+3bLCLmo4ORy7numIkg89RfZCDSnSyUGu/Njf0EtbsJMevqk eWe/rWiHzWBAtO1KAHC3ClLh8yj0J576/Dx/kdfjD7OJLE9sr9qidTXidxyLu8jFifDL phl/WNVG18glEg/I+Y1umaKI5KWIqPFjkvh1Ky4DYbczH+rE8e3gjxJh4WwgmR+0fp+z h4LQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=vSu2ln8dpINvW1/tLcLGsqROhcZSGATJ3fxyhIZ1UpE=; b=XP39NZcVg93CJpK0XfUP8g+zAj/SH0RtI7fjqg8eew0BNJNIiAvEs2QB5hduiSsCPS ENWalWafRBjLr4XbFSt727GxYTpzZRpHcow3WpqzzxPumCzYFIhBKV2g4we3bGBYedNf hu+CCgOxc+8SI7bBDSh37WaLqfag1Sv3FSp2M6X5PsukukILlUNRR98j3JSRKOGRexNf g8BYOtN2vdQ3D9fC7g1G39hgBHNhcIQ5eoMxNcw/AjNlQPCTeXzaTGgbGBYWbE2+wOpJ 7q/D4kcyq6FbLZro3QLSLc3FfKMWkGC0FhCvvfjTZaihF8bvhYjm4ReIqvGZgvqbdnDR 46dQ==
X-Gm-Message-State: AJaThX5J9yUTynTKh+z7ttgZ9W++06Ko3HYQU5QchOv7zG40/lcd5hih 8ZIdDbGUegng1ATxp6BjU6505LISfYo=
X-Google-Smtp-Source: AGs4zMYOlR/qYHih6yVMHsUH9WG1XGLXAlQmHb9BKIUk2fL9VKWzxtp4hccZC8vVf3BGaq+87lQJNQ==
X-Received: by 10.200.12.193 with SMTP id o1mr15396270qti.254.1510598752917; Mon, 13 Nov 2017 10:45:52 -0800 (PST)
Received: from [28.175.224.223] (99-203-16-116.pools.spcsdns.net. [99.203.16.116]) by smtp.gmail.com with ESMTPSA id y62sm11013688qkb.92.2017.11.13.10.45.52 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 13 Nov 2017 10:45:52 -0800 (PST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (1.0)
From: David P <dbpaull1@gmail.com>
X-Mailer: iPhone Mail (15A432)
In-Reply-To: <20171113175533.d2ncygry5imzqdw3@LK-Perkele-VII>
Date: Mon, 13 Nov 2017 13:45:51 -0500
Cc: Bret Jordan <jordan.ietf@gmail.com>, tls@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <6FEBB0BE-24F1-4902-893B-7900A78E5625@gmail.com>
References: <CAPCpN4t4m9M6u=E29u=TQnBScjRTfA91K9pdyPG3nvyi+GHC3w@mail.gmail.com> <20171113175533.d2ncygry5imzqdw3@LK-Perkele-VII>
To: Ilari Liusvaara <ilariliusvaara@welho.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/iVbg1bNRm4bYfMKLV3SrSodcLwY>
Subject: Re: [TLS] Tonight's Encrypted SNI Hangout Session
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Nov 2017 19:06:52 -0000
New here. What about a use case (for SNI) of different teams (or budgets) procuring certificates for different sites housed on either the same server, or at least in the same data center behind the same load balancing device? And SNI being used at a gateway, or entry point to that enterprise’s WAN. Sent from my iPhone > On Nov 13, 2017, at 12:55 PM, Ilari Liusvaara <ilariliusvaara@welho.com> wrote: > >> On Mon, Nov 13, 2017 at 09:28:23PM +0800, Bret Jordan wrote: >> >> 3) We need to compile a list of use cases and scenarios in a draft document >> that talk about how the SNI (for good or for bad) is being used today and >> what an encrypted SNI will mean for these use cases. > > What I think SNI is mainly (legimately) used for: > > - Specify the certificate. > - Specify the next service (both before and after TLS termination). > > Ideally, specifying certificate would be enough to specify the next > service. But we all know reality is not ideal, so it might not be. > In the converse direction, having multiple certificates all covering > the same next service is very common (e.g., it would requre special > setup with common webservers not to have it this way). > > As to specifying certificate, there are many reasons why a server > might want multiple certificates: > > - There are too many names to put into one certificate. > - Putting all the names into one certificate would be difficult to > manage. > - The server wants to make some separation between the names. > - The names have different next service. > > > One can note that both uses are really just to save IP address space. > There are two main reasons why one would want to do that: > > - Conserving address space (IPv4!!!). > - Avoiding adminstrative overhead of multiple IP addresses. > > > Easier way to partially solve this would be to reduce the granularity > of data. Does not work with all servers. > > > The more difficult way would be to actually encrypt the SNI value > (bound to the client public key to avoid a nasty attack that breaks > the entiere scheme). This would make SNI before-termination routing > more difficult, and absent something nontrivial, would increase the > server handshake cost by over a half. > > > However, much of the "encrypted SNI" discusion has been about different > thing, namely proxying. Which is whole another can of worms, and is > also a three-party protocol, not two-party. > > > > > -Ilari > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls
- [TLS] Tonight's Encrypted SNI Hangout Session Bret Jordan
- Re: [TLS] Tonight's Encrypted SNI Hangout Session Tom Ritter
- Re: [TLS] Tonight's Encrypted SNI Hangout Session Ilari Liusvaara
- Re: [TLS] Tonight's Encrypted SNI Hangout Session David P
- Re: [TLS] Tonight's Encrypted SNI Hangout Session Ilari Liusvaara
- Re: [TLS] Tonight's Encrypted SNI Hangout Session Christian Huitema
- Re: [TLS] Tonight's Encrypted SNI Hangout Session Salz, Rich
- Re: [TLS] Tonight's Encrypted SNI Hangout Session Bret Jordan
- Re: [TLS] Tonight's Encrypted SNI Hangout Session Yoav Nir
- Re: [TLS] Tonight's Encrypted SNI Hangout Session Bret Jordan
- Re: [TLS] Tonight's Encrypted SNI Hangout Session Flemming Andreasen
- Re: [TLS] Tonight's Encrypted SNI Hangout Session Sean Turner