Re: [TLS] GREASE ECH repeated value after HRR

Stephen Farrell <stephen.farrell@cs.tcd.ie> Tue, 17 August 2021 20:22 UTC

To: David Benjamin <davidben@chromium.org>
Cc: "tls@ietf.org" <tls@ietf.org>
References: <83a2b693-b464-693a-b87f-74193095a082@cs.tcd.ie> <CAF8qwaDPkxZy=cW2S80r8runfh7gzwgq2izr6NdpBBfVRa9GkA@mail.gmail.com>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Message-ID: <c414ed8a-42a4-961f-5c05-a98347442dd8@cs.tcd.ie>
Date: Tue, 17 Aug 2021 21:22:06 +0100
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.11.0
In-Reply-To: <CAF8qwaDPkxZy=cW2S80r8runfh7gzwgq2izr6NdpBBfVRa9GkA@mail.gmail.com>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/o6c-orgdn3P0EXQgLt2qec_8Rys>

Thanks David.
Cheers,
S.

On 17/08/2021 21:15, David Benjamin wrote:
> It's because of the rules in RFC8446. If the server doesn't utter an
> extension in HelloRetryRequest, the client is not allowed to change the
> corresponding ClientHello extension. We found an implementation which
> actually enforces this.
> https://github.com/tlswg/draft-ietf-tls-esni/issues/358
> 
> David
> 
> On Tue, Aug 17, 2021 at 4:03 PM Stephen Farrell <stephen.farrell@cs.tcd.ie>
> wrote:
> 
>>
>> Hiya,
>>
>> (I'm just getting around to playing with draft-13 ECH and
>> HRR and have a question...)
>>
>> In 6.2 talking about GREASEd ECH, the draft says:
>>
>>      If sending a second ClientHello in response to a
>>      HelloRetryRequest, the client copies the entire
>>      "encrypted_client_hello" extension from the first
>>      ClientHello.  The identical value will reveal to an
>>      observer that the value of "encrypted_client_hello" was
>>      fake, but this only occurs if there is a
>>      HelloRetryRequest.
>>
>> I don't object to that, but can't recall why we wanted
>> the same value re-tx'd. (My code just naturally generated
>> a new GREASE ECH value and it all worked fine, so being
>> the lazy person I am, I'm wondering if doing nothing is
>> a good option:-)
>>
>> Ta,
>> S.
>> _______________________________________________
>> TLS mailing list
>> TLS@ietf.org
>> https://www.ietf.org/mailman/listinfo/tls
>>
>
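The RFC 8446 rule David cites, as an added example that is not part of the thread or of any TLS implementation: a Python check of the second ClientHello against the first, following the modification list in RFC 8446 section 4.1.2, which shows that a freshly generated GREASE "encrypted_client_hello" value trips an enforcing peer while a copied one passes. The dict-based extension model, the extension names and the sample values are assumptions made for the example.

```python
# Added example (not from the thread or any TLS stack): the consistency check an
# enforcing implementation applies to the second ClientHello after a
# HelloRetryRequest, per RFC 8446 section 4.1.2. Extensions are modelled as
# {name: bytes} dicts; all sample values below are constructed.
import os

def check_second_client_hello(ch1, hrr, ch2):
    """Return the names of extensions that changed illegally (empty if ch2 is legal).

    RFC 8446 4.1.2: ch2 MUST equal ch1 except for the listed modifications.
    Anything else, including "encrypted_client_hello", must be byte-identical,
    which is why the ECH draft tells a GREASEing client to copy the value."""
    violations = []
    for name in sorted(set(ch1) | set(ch2)):
        before, after = ch1.get(name), ch2.get(name)
        if before == after:
            continue
        if name == "key_share" and "key_share" in hrr:
            continue                      # replaced with the HRR-selected group
        if name == "cookie" and hrr.get("cookie") == after:
            continue                      # echoed from the HRR
        if name == "early_data" and after is None:
            continue                      # removed on the second flight
        if name == "pre_shared_key" and before is not None and after is not None:
            continue                      # binders recomputed over the new transcript
        if name == "padding":
            continue                      # may be added, removed or resized
        violations.append(name)
    return violations

def grease_ech():
    """Stand-in for a random GREASE encrypted_client_hello payload (constructed)."""
    return os.urandom(32)

def demo():
    """Constructed flow: CH1 carries GREASE ECH; the server sends an HRR with a cookie.

    Returns (violations for the copied ECH value, violations for a regenerated one)."""
    hrr = {"key_share": b"x25519", "cookie": b"server-cookie"}
    ch1 = {"key_share": b"secp256r1:keyshare-1",
           "encrypted_client_hello": grease_ech(), "early_data": b""}
    copied = dict(ch1, key_share=b"x25519:keyshare-2", cookie=hrr["cookie"])
    del copied["early_data"]              # the three edits 4.1.2 permits here
    fresh = dict(copied, encrypted_client_hello=grease_ech())
    return (check_second_client_hello(ch1, hrr, copied),
            check_second_client_hello(ch1, hrr, fresh))
```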