IETF Logo Mail Archive

Re: [TLS] Fwd: New Version Notification for draft-belyavskiy-fakesni-00.txt

Christian Huitema <huitema@huitema.net> Wed, 20 February 2019 23:48 UTC

Return-Path: <huitema@huitema.net>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 29407130E66 for <tls@ietfa.amsl.com>; Wed, 20 Feb 2019 15:48:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.6
X-Spam-Level:
X-Spam-Status: No, score=-2.6 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IyYH_zbfiDxN for <tls@ietfa.amsl.com>; Wed, 20 Feb 2019 15:48:30 -0800 (PST)
Received: from mx43-out1.antispamcloud.com (mx43-out1.antispamcloud.com [138.201.61.189]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E26A0130E58 for <tls@ietf.org>; Wed, 20 Feb 2019 15:48:29 -0800 (PST)
Received: from xsmtp06.mail2web.com ([168.144.250.232]) by mx65.antispamcloud.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.89) (envelope-from <huitema@huitema.net>) id 1gwbbH-0003nv-79 for tls@ietf.org; Thu, 21 Feb 2019 00:48:28 +0100
Received: from [10.5.2.12] (helo=xmail02.myhosting.com) by xsmtp06.mail2web.com with esmtps (TLS-1.0:DHE_RSA_AES_256_CBC_SHA1:32) (Exim 4.63) (envelope-from <huitema@huitema.net>) id 1gwbbA-0006WW-JF for tls@ietf.org; Wed, 20 Feb 2019 18:48:24 -0500
Received: (qmail 7436 invoked from network); 20 Feb 2019 23:48:17 -0000
Received: from unknown (HELO [192.168.1.103]) (Authenticated-user:_huitema@huitema.net@[208.54.5.227]) (envelope-sender <huitema@huitema.net>) by xmail02.myhosting.com (qmail-ldap-1.03) with ESMTPA for <tls@ietf.org>; 20 Feb 2019 23:48:17 -0000
To: tls@ietf.org
References: <155060540091.20709.12797700493315209480.idtracker@ietfa.amsl.com> <CADqLbzLt3sJhisojiEDA93zOymBE0QjVxT2T+NAZjYSGm2Nzmg@mail.gmail.com> <1550634231892.18369@cs.auckland.ac.nz> <CADqLbz+zYNTwCidJhrR9DFaj3NqJszdx4bg=qkzwptMY9mYXrg@mail.gmail.com> <1550647276159.53158@cs.auckland.ac.nz> <CADqLbzKppD9MjQ9fX=gbXNFXgKkFE5jeLVnWcyoAt8ZZHAPX4w@mail.gmail.com> <CADqLbzL6epMoAs4Pe0XYB8XjrTJ52zLY_TGdpq0yMAs2Ax9_ug@mail.gmail.com>
From: Christian Huitema <huitema@huitema.net>
Openpgp: preference=signencrypt
Autocrypt: addr=huitema@huitema.net; prefer-encrypt=mutual; keydata= mQENBFIRX8gBCAC26usy/Ya38IqaLBSu33vKD6hP5Yw390XsWLaAZTeQR64OJEkoOdXpvcOS HWfMIlD5s5+oHfLe8jjmErFAXYJ8yytPj1fD2OdSKAe1TccUBiOXT8wdVxSr5d0alExVv/LO I/vA2aU1TwOkVHKSapD7j8/HZBrqIWRrXUSj2f5n9tY2nJzG9KRzSG0giaJWBfUFiGb4lvsy IaCaIU0YpfkDDk6PtK5YYzuCeF0B+O7N9LhDu/foUUc4MNq4K3EKDPb2FL1Hrv0XHpkXeMRZ olpH8SUFUJbmi+zYRuUgcXgMZRmZFL1tu6z9h6gY4/KPyF9aYot6zG28Qk/BFQRtj7V1ABEB AAG0J0NocmlzdGlhbiBIdWl0ZW1hIDxodWl0ZW1hQGh1aXRlbWEubmV0PokBOQQTAQIAIwUC UhFfyAIbLwcLCQgHAwIBBhUIAgkKCwQWAgMBAh4BAheAAAoJEJNDCbJVyA1yhbYH/1ud6x6m VqGIp0JcZUfSQO8w+TjugqxCyGNn+w/6Qb5O/xENxNQ4HaMQ5uSRK9n8WKKDDRSzwZ4syKKf wbkfj05vgFxrjCynVbm1zs2X2aGXh+PxPL/WHUaxzEP7KjYbLtCUZDRzOOrm+0LMktngT/k3 6+EZoLEM52hwwpIAzJoscyEz7QfqMOZtFm6xQnlvDQeIrHx0KUvwo/vgDLK3SuruG1CSHcR0 D24kEEUa044AIUKBS3b0b8AR7f6mP2NcnLpdsibtpabi9BzqAidcY/EjTaoea46HXALk/eJd 6OLkLE6UQe1PPzQC4jB7rErX2BxnSkHDw50xMgLRcl5/b1a5AQ0EUhFfyAEIAKp7Cp8lqKTV CC9QiAf6QTIjW+lie5J44Ad++0k8gRgANZVWubQuCQ71gxDWLtxYfFkEXjG4TXV/MUtnOliG 5rc2E+ih6Dg61Y5PQakm9OwPIsOx+2R+iSW325ngln2UQrVPgloO83QiUoi7mBJPbcHlxkhZ bd3+EjFxSLIQogt29sTcg2oSh4oljUpz5niTt69IOfZx21kf29NfDE+Iw56gfrxI2ywZbu5o G+d0ZSp0lsovygpk4jK04fDTq0vxjEU5HjPcsXC4CSZdq5E2DrF4nOh1UHkHzeaXdYR2Bn1Y wTePfaHBFlvQzI+Li/Q6AD/uxbTM0vIcsUxrv3MNHCUAEQEAAYkCPgQYAQIACQUCUhFfyAIb LgEpCRCTQwmyVcgNcsBdIAQZAQIABgUCUhFfyAAKCRC22tOSFDh1UOlBB/94RsCJepNvmi/c YiNmMnm0mKb6vjv43OsHkqrrCqJSfo95KHyl5Up4JEp8tiJMyYT2mp4IsirZHxz/5lqkw9Az tcGAF3GlFsj++xTyD07DXlNeddwTKlqPRi/b8sppjtWur6Pm+wnAHp0mQ7GidhxHccFCl65w uT7S/ocb1MjrTgnAMiz+x87d48n1UJ7yIdI41Wpg2XFZiA9xPBiDuuoPwFj14/nK0elV5Dvq 4/HVgfurb4+fd74PV/CC/dmd7hg0ZRlgnB5rFUcFO7ywb7/TvICIIaLWcI42OJDSZjZ/MAzz BeXm263lHh+kFxkh2LxEHnQGHCHGpTYyi4Z3dv03HtkH/1SI8joQMQq00Bv+RdEbJXfEExrT u4gtdZAihwvy97OPA2nCdTAHm/phkzryMeOaOztI4PS8u2Ce5lUB6P/HcGtK/038KdX5MYST Fn8KUDt4o29bkv0CUXwDzS3oTzPNtGdryBkRMc9b+yn9+AdwFEH4auhiTQXPMnl0+G3nhKr7 jvzVFJCRif3OAhEm4vmBNDE3uuaXFQnbK56GJrnqVN+KX5Z3M7X3fA8UcVCGOEHXRP/aubiw Ngawj0V9x+43kUapFp+nF69R53UI65YtJ95ec4PTO/Edvap8h1UbdEOc4+TiYwY1TBuIKltY 1cnrjgAWUh/Ucvr++/KbD9tD6C8=
Message-ID: <0e9b3999-0e0a-d3e0-e9e3-a6c691fa37d1@huitema.net>
Date: Wed, 20 Feb 2019 15:48:18 -0800
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:60.0) Gecko/20100101 Thunderbird/60.5.1
MIME-Version: 1.0
In-Reply-To: <CADqLbzL6epMoAs4Pe0XYB8XjrTJ52zLY_TGdpq0yMAs2Ax9_ug@mail.gmail.com>
Content-Type: multipart/alternative; boundary="------------FD19DF617787F60F724517B9"
Content-Language: en-US
X-Originating-IP: 168.144.250.232
X-Spampanel-Domain: xsmtpout.mail2web.com
X-Spampanel-Username: 168.144.250.0/24
Authentication-Results: antispamcloud.com; auth=pass smtp.auth=168.144.250.0/24@xsmtpout.mail2web.com
X-Spampanel-Outgoing-Class: unsure
X-Spampanel-Outgoing-Evidence: Combined (0.32)
X-Recommended-Action: accept
X-Filter-ID: EX5BVjFpneJeBchSMxfU5tGFSqEhg7bj9jF01s/oDtV602E9L7XzfQH6nu9C/Fh9KJzpNe6xgvOx q3u0UDjvO5IcVwV4jjVcAOtIXxgohGFVMZsRZacTbJPGp/MBC6BxbdrUP2dRNvMGcInFEqRIMkh5 mNm/WjPqhYqCeBiCKwzwNnO0oYiZjOnC1Xa7kCO2cFBJ33PyTEulbj2AjstEIPvRa7MR4hgRIg8N 1QlY4G7x1YBTEs55LirRLgpsvCFt8i77Wu2Jb/TI0CxS53moc/SlgXpNwUDmiieE9G+9VqfZ1kay mqFCHRp6u+mIhIXg5jssJAnfERZ2C5vj1sOdsnQOD0r6/AaHZiEtdTMtMljoSvSqrGwueTSCQFid cy15jQ4HwbF4aWaRl0axA525ouWBOXp8nHKe0R+FkIqN7hkgzj0zEmu34GPXR572RNl5VgW9/bkt U41htiJ8fk7NkHmplbyYh4+w03es32OzjfSo5Jhwk+hMTKYppuA2BaWeipTPWMHGUquOFNpW9R6n Md9TLrF9l3ItGfA/WrnALV71dGJ7HPnOCWRaxVuHANylPwUimsNGvJJilSn4u6QSZC6DVgRB+0A7 4t0wvmvPOhIs95DGoDQyh90npG6wuAU16Y3oZJdQ0WXQEIKhyt8GANo5bn0tFTz4SVUdCy2MVE6+ P+NMWgh0hdHFCOgNkMJ392PNDpgLsd6Ddd/s7VM53uY0TTxj2gGBZlqXYSmNS2/AMgFPp7+h3kLe NmBV53UG2C90E9ynzQCrR2g2RwPVA7rOQSTng8OBaitK4BXGFIxRXxKF5tPxTxfD0dMN+t5ZP6zO upSxHMPsAHfGhZAC/ELfT40IeeXtXsko+FU3ueL7G3ch6MdB0XuALpEgtIRS9gE9qVUwhDs/Gbvv EKtxst40eTXlWiUAYdLmsJdAoPJHNvQfAjIDptXbNSradnS0Zqm0mOdPl1LeUTNmkYtBTuxv0/1e /nzlq13wYTxncOSJHdsd+cwIgRT6euCWiMrA+4FHNKsiy9wMVtQ6ai8zTQ==
X-Report-Abuse-To: spam@quarantine9.antispamcloud.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/qVZ4x7tvhaFbI7aV2H-X4BC58aE>
Subject: Re: [TLS] Fwd: New Version Notification for draft-belyavskiy-fakesni-00.txt
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 20 Feb 2019 23:48:32 -0000

On 2/20/2019 3:06 AM, Dmitry Belyavsky wrote:
>
>
> On Wed, Feb 20, 2019 at 10:35 AM Dmitry Belyavsky <beldmit@gmail.com
> <mailto:beldmit@gmail.com>> wrote:
>
>
>
>     On Wed, Feb 20, 2019 at 10:21 AM Peter Gutmann
>     <pgut001@cs.auckland.ac.nz <mailto:pgut001@cs.auckland.ac.nz>> wrote:
>
>         Dmitry Belyavsky <beldmit@gmail.com
>         <mailto:beldmit@gmail..com>> writes:
>
>         >Fake SNI is delivered out-of-band for the handshake
>
>         But then won't the DPI check the out-of-band source as well? 
>         If you've got a
>         MITM sitting there then they can do the same lookups and
>         whatnot that the
>         client does, unless you're relying on the client being
>         off-path, which seems a
>         bit of a leap.  You'd need to implement it via some sort of
>         subliminal
>         signalling mechanism that the DPI can't detect.
>
>      
>     In fact if DPI begins to poll domains whether FakeSNI record is
>     present,
>     we have a race between changing the value in FakeSNI and DPI polling. 
>     And DoH/DoT ensures that DPI has to poll.
>
>
> Let me clarify. I understand that the solution I propose is not perfect. 
> But there is no silver bullet, and this is just another way to make a
> life of DPI harder.


Out of all the requirements listed in the encryption requirements draft,
the requirement to "not stand out" is probably the hardest to comply
with. The current ESNI draft works but usage of ESNI can still be
detected. As Dmitri points out, there are locales where standing out
will enable censorship. So, what to do? Well, if we want to not stand
out yet carry some information, that's pretty much the definition of a
hidden channel.

Would it be possible to engineer a hidden channel in the TLS 1.3 Hello?
I bet that's quite doable. I am sure that fields like "opaque
Random[32]" or "opaque legacy_session_id<0..32>" could be used
creatively, and there are other fields in common extensions that could
also be of service. Of course, "could be done" does not mean that the
IETF will want to standardize it.

-- Christian Huitema

v2.23.0 | Report a Bug | By Email