IETF Logo Mail Archive

Re: [TLS] About encrypting SNI

Yoav Nir <ynir.ietf@gmail.com> Tue, 15 April 2014 13:52 UTC

Return-Path: <ynir.ietf@gmail.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 71C2A1A0213 for <tls@ietfa.amsl.com>; Tue, 15 Apr 2014 06:52:59 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id M0XE_rgBxVy0 for <tls@ietfa.amsl.com>; Tue, 15 Apr 2014 06:52:54 -0700 (PDT)
Received: from mail-ee0-x22f.google.com (mail-ee0-x22f.google.com [IPv6:2a00:1450:4013:c00::22f]) by ietfa.amsl.com (Postfix) with ESMTP id E866B1A039C for <tls@ietf.org>; Tue, 15 Apr 2014 06:52:53 -0700 (PDT)
Received: by mail-ee0-f47.google.com with SMTP id b15so7730052eek.6 for <tls@ietf.org>; Tue, 15 Apr 2014 06:52:50 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=JNdlJT05zW3+tPZ1YWNls3Lb71nfuXpzOr26myOejVM=; b=qBET2YozpB6xhcPvkBqbl5MPb6WRgbo059ttLqE2NrP8QH0AaiVFHAbgARZ5Dx35TR uJIfc/Dcj9KMT5VYR7VWUUztWSLR4dnHjiVuD9WDCMwfm2naN0nIuy8fJvRtQLeun1zr 8S+raG6Vrugvt3wUAwb81rgi7/R+VBpK+sQXT0emUta/ot9ygnr84/CqLOL4FryVBO0l 2PxJXpAYjSMKjcwPe4Px+TVfyaZuZl9Nl/YKs5bBY1hvit6npbAdfyLoSK6aFAhTjwtb 0wcxyNPk4UXVLdXu44TLfoSUldlc0oX6CaRTzSc2RZHGr2bMhSZFUQFu5biZyYBcro7T utdQ==
X-Received: by 10.14.100.69 with SMTP id y45mr2733594eef.108.1397569970554; Tue, 15 Apr 2014 06:52:50 -0700 (PDT)
Received: from [192.168.1.101] (bzq-84-109-50-18.red.bezeqint.net. [84.109.50.18]) by mx.google.com with ESMTPSA id m44sm49329294eep.14.2014.04.15.06.52.49 for <multiple recipients> (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Tue, 15 Apr 2014 06:52:49 -0700 (PDT)
Content-Type: text/plain; charset="windows-1252"
Mime-Version: 1.0 (Mac OS X Mail 7.2 \(1874\))
From: Yoav Nir <ynir.ietf@gmail.com>
In-Reply-To: <2A0EFB9C05D0164E98F19BB0AF3708C7120B490291@USMBX1.msg.corp.akamai.com>
Date: Tue, 15 Apr 2014 16:52:50 +0300
Content-Transfer-Encoding: quoted-printable
Message-Id: <A4745833-76B0-45C3-B926-B240602F2289@gmail.com>
References: <2A0EFB9C05D0164E98F19BB0AF3708C7120A04ED40@USMBX1.msg.corp.akamai.com> <534C3D5A.3020406@fifthhorseman.net> <474FAE5F-DE7D-4140-931E-409325168487@akamai.com> <D2CB0B72-A548-414C-A926-A9AA45B962DA@gmail.com> <2A0EFB9C05D0164E98F19BB0AF3708C7120B490162@USMBX1.msg.corp.akamai.com> <CACsn0cmusUc3Rsb2Wof+dn0PEg3P0bPC3ZdJ75b9kkZ5LDGu_A@mail.gmail.com> <2A0EFB9C05D0164E98F19BB0AF3708C7120B490291@USMBX1.msg.corp.akamai.com>
To: Rich Salz <rsalz@akamai.com>
X-Mailer: Apple Mail (2.1874)
Archived-At: http://mailarchive.ietf.org/arch/msg/tls/lUc1u-0WExV4mahljODB3Ksxwwo
Cc: "TLS@ietf.org (tls@ietf.org)" <tls@ietf.org>
Subject: Re: [TLS] About encrypting SNI
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 15 Apr 2014 13:52:59 -0000

Currently HTTPS requires the name in the cert (CN or alt-name) to match the dns name, and a wildcard can cover only one qualifier.

So if you’re hosting like tumblr, you can do yoavnir.tumblr.com and richsalz.tumblr.com and have a *.tumblr.com certificate.

But you can’t host www.yoavnir.com (not mine!) and www.imperialviolet.com like that. There is no valid certificate that won’t generate red screens that covers both of those.

So we’d have to change the way certificates are matched to domain names if we wanted that. Perhaps we could have a certificate with the name “www.myhostingsite.com”, and a new DNS record for www.yoavnir.com that says that this site is hosted with the name “www.myhostingsite.com”.  For a site that published this DNS record, the browser would not send a (clear) SNI.

This is a significant change, though. One that affects previous versions of TLS as well.

Yoav

On Apr 15, 2014, at 4:42 PM, Salz, Rich <rsalz@akamai.com> wrote:

> What if the client doesn't send SNI, but instead the hosting service has a single wildcard cert?  What changes in the privacy and trust model?  Why isn't that acceptable?
> 
> 	/r$
> 
> --  
> Principal Security Engineer
> Akamai Technology
> Cambridge, MA
> 
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls

v2.23.0 | Report a Bug | By Email