Re: [TLS] Encrypting ALPN and other unused extensions

"Salz, Rich" <rsalz@akamai.com> Mon, 28 April 2014 13:35 UTC

From: "Salz, Rich" <rsalz@akamai.com>
To: Watson Ladd <watsonbladd@gmail.com>, Michael D'Errico <mike-list@pobox.com>
Date: Mon, 28 Apr 2014 09:35:01 -0400
Message-ID: <2A0EFB9C05D0164E98F19BB0AF3708C7120C61F52C@USMBX1.msg.corp.akamai.com>
References: <535A8CED.7030805@pobox.com> <20140425173608.E1A2E1ACE0@ld9781.wdf.sap.corp> <D40A7DE25C5AA54195F82EA553F24460098E8321CB@USMBX1.msg.corp.akamai.com> <CACsn0cmcNXksu0ig8ZzkuAwBGrBSPv2yAg8XdBDC72j4F2HBJg@mail.gmail.com> <535B6235.9090907@pobox.com> <CACsn0cmS9oWuCbX4nm7u25STcp=bJqzZED45FkT8__k7Z7OrMw@mail.gmail.com> <535D60AD.4040006@pobox.com> <CACsn0cnQ8ndMiucX-EW-_0C4KAm706MFcxXBRAgmPk3po10==A@mail.gmail.com>
In-Reply-To: <CACsn0cnQ8ndMiucX-EW-_0C4KAm706MFcxXBRAgmPk3po10==A@mail.gmail.com>
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/jFt6AKQ5b5JrfvmMbKCqHvVU6W4
Cc: "tls@ietf.org" <tls@ietf.org>
Subject: Re: [TLS] Encrypting ALPN and other unused extensions

> work. I'd like it to work. But it might not work. I think it's worth identifying alternative designs and thinking about them before Denver, so that if it turns out we can't encrypt SNI, we can encrypt other extensions in need of encryption.

+1


--  
Principal Security Engineer
Akamai Technologies, Cambridge, MA
IM: rsalz@jabber.me; Twitter: RichSalz