Re: [TLS] ECH-HRR Design Team output
Stephen Farrell <stephen.farrell@cs.tcd.ie> Wed, 30 August 2023 00:12 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 20B20C151066 for <tls@ietfa.amsl.com>; Tue, 29 Aug 2023 17:12:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.099
X-Spam-Level:
X-Spam-Status: No, score=-2.099 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, NICE_REPLY_A=-0.091, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=cs.tcd.ie
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nbt9vkXqb58Z for <tls@ietfa.amsl.com>; Tue, 29 Aug 2023 17:12:33 -0700 (PDT)
Received: from EUR04-HE1-obe.outbound.protection.outlook.com (mail-he1eur04on2133.outbound.protection.outlook.com [40.107.7.133]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 15B1FC151062 for <TLS@ietf.org>; Tue, 29 Aug 2023 17:12:32 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=T2MlpYgWkgugxVE/kA75ChW1SEAqILGqA5cG4ASAON65/2+5CMq4E1vB5JGdlIzel5pc9fPGdN8RE0GBHqKDMEsUqUrldR9jO9FoSrK8sB4cwrlbdcA9zOJaaitoJbNJ4iea+miWKyLUh070gWLvh40bj2EG5TnsmOCN/laEBldnlIrr4fnV4r2LGOB9aEls7RUuWOwQQxSwDpk5WKpQcOiPgCyWwyHI0GAsdLf2GCppJwOGT5hjL3m3tHe15FyodaGoA4kzP+hM/DoEYD8BwVHv/wwoQe83Ihmi8Vyi2ZwPAfYPoFSbjJq/9VFJk9fO0F3i/86jGvAzm3FLTuzXOA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=JAlSmxyFwjQtjqvAJgXlWMZXseQd7eOxcOd/mv0TwyU=; b=USW5ImxdzwDJeyuP1/TGCwZeM84ZjCq20H5+5m7pPmftyB61FcXqy3ktKKAM4j49aYpEPA18cEZNBNGzDxBdfSE+G+agMJA60EzTkpyJLvieCr24EaKWeEbTAxx4yjgU05FdbwblhYr9TJqTMOIQcm7QUyIkI8nm9bG7MUh4QfjbDo2zPyt0OZ+SwjpIgN0Gi+B9BVdz0P7a845VJayA8V7RKvtkXI3gKTDeGzaFpM1QMnOj/yKHhchPTtMBOMZtXByblPSkz4hTsWNPDL9PtYlXhgINIKWreKJe1md0kkdWa5F5RhPE4n0H19L6Uho7eeUi/2R5yngY42Ekv7LCpg==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=cs.tcd.ie; dmarc=pass action=none header.from=cs.tcd.ie; dkim=pass header.d=cs.tcd.ie; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cs.tcd.ie; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=JAlSmxyFwjQtjqvAJgXlWMZXseQd7eOxcOd/mv0TwyU=; b=RT+5foRZcXu0bmj1fXix1xGVCIfT4vJ06fTJjdBY80WQ70KRqbvg0ang2R5T5EPRXAdJND3G8gLzmFXbL46nwesGKY4+G9Y6hQ6pL2Yzfi+caNqSm2NzAJ67S+5LNoXVca4HyVEVR2kUB1D0nujl+3wO4KEPXOvvXlCIJubtc0Lp0r0MtCV2H+FW2sPq9lDk1ugxWGsY7UNradKxPmXpulsJe+4Q5FXV+jGfi4JdqoJaPRDGxeV7MJmMtBbPjv3Yna9dx2MujbdEd+MKcxhmKKHBdNwZu+3eBF7L3vEIJxhjqVYQ27lpVtH3TIpKqrj7MJxgNMeYryZ/y4bgcQLIGQ==
Authentication-Results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=cs.tcd.ie;
Received: from DB7PR02MB5113.eurprd02.prod.outlook.com (2603:10a6:10:77::15) by DBAPR02MB6437.eurprd02.prod.outlook.com (2603:10a6:10:19b::17) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.6699.35; Wed, 30 Aug 2023 00:12:28 +0000
Received: from DB7PR02MB5113.eurprd02.prod.outlook.com ([fe80::6f9b:8179:a7bc:c19c]) by DB7PR02MB5113.eurprd02.prod.outlook.com ([fe80::6f9b:8179:a7bc:c19c%6]) with mapi id 15.20.6699.035; Wed, 30 Aug 2023 00:12:28 +0000
Message-ID: <a2f5c5f7-3d65-2d87-78fb-d9eff65e783f@cs.tcd.ie>
Date: Wed, 30 Aug 2023 01:12:25 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.13.0
Content-Language: en-US
To: Christopher Wood <caw@heapingbits.net>, "TLS@ietf.org" <TLS@ietf.org>
References: <39142598-9859-40e0-94da-c48ce10ffc15@www.fastmail.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
In-Reply-To: <39142598-9859-40e0-94da-c48ce10ffc15@www.fastmail.com>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="------------g9tdqnMehzLgUpk09pOL0pvK"
X-ClientProxiedBy: DUZPR01CA0174.eurprd01.prod.exchangelabs.com (2603:10a6:10:4b3::23) To DB7PR02MB5113.eurprd02.prod.outlook.com (2603:10a6:10:77::15)
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: DB7PR02MB5113:EE_|DBAPR02MB6437:EE_
X-MS-Office365-Filtering-Correlation-Id: be30909f-ce41-46fc-57a1-08dba8edcb79
X-MS-Exchange-SharedMailbox-RoutingAgent-Processed: True
X-TCD-Routed-via-EOP: Routed via EOP
X-TCD-ROUTED: Passed-Transport-Routing-Rules
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: WX2Yt5LJsa63qfuKzVzgALdDGupvM8lA2sD3wFOav7otLKiDOd/fycOoqnIb8GT4LaUrxOdnDFGIGnIAExB08q+TrihIjvHd3qSAds8BSRlxwYFTJGUyPTBIM0f3QHqwDIDJlq5OsLkNxdLBNSNt/e7+LNn3W6CTtLu0I35aptyAvyjpel68hOgCtl07gMc/Mf3OUzAHHOL0xmnetgos9rvpfm2Z49NJ1gBNJbL/b4mowQ+xnIscJDmo0LPz8OJk2b1g12jPKXnOHRPnwZ3v9DtVvSuxo+0D9wazB3zO07pN4Z8AtxV2KD06x646wlEzbWpHdNT7k3fMlpB470a6YY1FWx4TZYOAhyOYJQDrq/W7GNVf9MgXsHMSOGefnzqa+kA5EgoHzLqXlbBtIqz5JOSgBKN+tCW6SX0ZZUAa/TU05GmViKvQR3aQ6XxDuvztZ5qCVE4+VylzspEYXlYDIc3DEFxMCk2zYSMTg9cp7+MF8U/2g/RMRZkH3yIg7wDbeeeW8zL8Bf3JXbO9LIZzHAiOgEAGM7oajY6rZlrnjfXNOoPw5/CENJMBGGwbaeRL5vN5x+OCvQDzKgmF/hGkM03hM7fjQPOqPQQslMj3oPKslVTZTzhO+Q7y/rL0eMc+sb46vsUKhnj2h8BU8nNKKw==
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:DB7PR02MB5113.eurprd02.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230031)(136003)(396003)(346002)(39860400002)(376002)(366004)(186009)(1800799009)(451199024)(31686004)(38100700002)(66899024)(33964004)(6512007)(966005)(86362001)(36756003)(31696002)(6506007)(83380400001)(53546011)(26005)(21480400003)(478600001)(110136005)(6486002)(2616005)(6666004)(8936002)(8676002)(44832011)(786003)(2906002)(41300700001)(5660300002)(316002)(235185007)(66556008)(66946007)(66476007)(43740500002)(45980500001); DIR:OUT; SFP:1102;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: 80XQOlPWIislO7vJ+aBt9pWLbfZ4KKSxymzAxb/9/5lGYS+5C9uXFwHXKLYaGS/hagWluOgBf8+io2H64E+O2FTHMIvrBcRrlBnAIul8XB8EuybjZ19pBlsuHKLX2kw9GZs8D/revCnbx+BKHcFp5TjMGfZlOFSvjESeK6rhM/bDhDv1kjxBm3VR33Lw+YM0azDe04oZFLPFFlOl2omKJKnkrE/3G1IobZ2ApadtURJ8iYQHa6MpWIb6z3Fg9Re0tvnq1kY49E6cV02rCV10PaIubh7hmfUXKS9trXoyTlrdOc//b67kmu/6xGLsVJmIAi+H5wjgJ7mCNeE8hIAHNdoBQoVOwJh5Ush3VUW6zY6qhKdQbkELVjfluKiWc+mcrTDvKMAtvmzGDYpO5HmhTyvcCt11fL69PkrFzKX2fS7QdI6jjjOPpW5oiPutytN5qKQ+wHMyKGgUpWqplOyUj6OKq9aVGVvQVwp//ojI+o2aRZoTDwFcepGhoKIoGQ77apK/nM6Q9drBp+ygjfuj3Jrm9CI4hCIm3FfBZE3BN1W53JreAtJHQzF6zJCLb/Fe6d4xA2opwBBlSIcAyQigCpPSaaVH2ii7lz1KfnMAo8eBE9kfhV+jlaEnAL3ZPlOfLF6GyUnLhPPx0olbI7b7RaYg2YZstDO+X9bCMeeSv5r+h21jJm6NyhCagrvMkE3tKgIyXe83kKuE4+DmQroESxDiUWBKMp2Dcg1PSGADRpL1/mQWSmV1ngGxkW8UmIJ8c10eRwJg/B/UV0S1Y5q1R0aIR+0NNXcB+i3K1pusqguM3sLq7u2Xl6kMv2T1U68RVXy3qBIzj6u3Gia8oFcU3SV/9W43ExecxkHRCm1VX0THHBbhxdRh5sgcmqJZsRyJf03u8odnyT4bxCD1FOX49DtDwv0+RNwWG8zvBbIO7WefdoT5nVTcNc6cJZdsHEB2W1L7ZJFK7P6hA3eYOA0TGFpLwGouNoHDAeHwWPnxNUxoS5SIPXSbUGoM9kkKaeJdmyc0tccSNbcXwOD+lvEipyrHIv7uNpzxMVqPbHrVwlGZ7Yf8SEyHEC3n0m51Yf4PPVx5uODD4/mxZctE6iCvpkG9Ttou+tg+V7u9usIvckZbZM5Qhz75tcSAZ/HUB8iJPQC0onftAn4S1tWcu6JWr9oJyk7trf/YqZ74uChh9mfVGoKEtf9OlpvircQKWZcv7E+0pVstKSAMgHJzLXvMx5s/NanryncdYdGSzPLT9mhWpUY7/PlwN80NLrtEkffmoKwyl4r+aTD0Oa+bY27OIC+HpESI9HJCMb+uCHc5XbEhWs6MIl/J4v9C7oR7kl3z35m/U5rXAU54JEE4vW78sFCVsWWs4rsJaM53S0pO6s65Uui4AkoGNOMX/TVmgczXJQT0V5zPayKfo1qBMKRoL32ve5WcxyuelIIZpY68FBf1SKgz75qowi89/ZNj1Vb4qjIxnu0SE6hNa9ELgHuDXZoaHeF0xafopl/lBKuabEoaIoDwpyW1a9Vpqg6GPs4g5cPebgT3I8Z86966dDgGDBWBl+G5SR05t795UsS89SnUZXVu/9+iy28krAl0+HX/
X-OriginatorOrg: cs.tcd.ie
X-MS-Exchange-CrossTenant-Network-Message-Id: be30909f-ce41-46fc-57a1-08dba8edcb79
X-MS-Exchange-CrossTenant-AuthSource: DB7PR02MB5113.eurprd02.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 30 Aug 2023 00:12:28.0641 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: d595be8d-b306-45f4-8064-9e5b82fbe52b
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: xY3pJpgZozp0xLlRp3SducXlwjwzlppCsJu1/dNWJMdb/9e+Y08HVJFDTWsXLFZt
X-MS-Exchange-Transport-CrossTenantHeadersStamped: DBAPR02MB6437
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/mmfTfKf9gj_ynnmJFrQknOwPHMs>
Subject: Re: [TLS] ECH-HRR Design Team output
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Aug 2023 00:12:38 -0000
Hiya, Wasn't sure which email to reply to, but this one'll do... Until very recently I was of the opinion that ECH split-mode when one hits HRR with our current design was significantly problematic. The main reason was that supporting that scenario with haproxy seemed like it'd require significant change to the application, as haproxy is basically designed to only look at the first ClientHello message when acting as a frontend that doesn't terminate the TLS session, but just routes sessions based on the first ClientHello SNI. (Doing ECH decryption on the 1st ClientHello was ok, but getting at the 2nd one with all the right state was the problem due to how the application code was architected.) With some more delving into things, I've managed to find a relatively doable (if slightly iccky) way to support ECH split-mode+HRR in both haproxy and nginx, so I think we can strike this as an objection to the current design. This likely affects a few of the issues in github, (in a good way:-) but I didn't comment on those as it doesn't quite fit any of 'em exactly. It should in any case help as the editors set out to close issues, My proof-of-concept code for nginx [1] and haproxy [2] is available and if anyone's interested in details I'm happy to point out specifics. (Note that that code is far from production-ready but I think it's good enough to show support is possible without that much change.) Cheers, S. [1] https://github.com/sftcd/nginx/tree/ECH-experimental [2] https://github.com/sftcd/haproxy/tree/ECH-experimental On 03/06/2021 22:03, Christopher Wood wrote: > Hi folks, > > Since the last IETF meeting, the HRR Design Team has worked through > the issue of dealing with HRR. A writeup of the team's efforts, > discussions, and recommendations is here: > > https://github.com/tlswg/draft-ietf-tls-esni/wiki/HRR-Design-Team > > We believe next steps are to merge the following PRs: > > - https://github.com/tlswg/draft-ietf-tls-esni/pull/423 - > https://github.com/tlswg/draft-ietf-tls-esni/pull/422 > > To that end, we would appreciate additional review. Hearing no > objections, we'll plan to merge these at the end of next week and > close out the relevant issues. > > Thanks, all! > > Best, Chris > > _______________________________________________ TLS mailing list > TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
- [TLS] ECH-HRR Design Team output Christopher Wood
- Re: [TLS] ECH-HRR Design Team output Stephen Farrell