IETF Logo Mail Archive

[TLS] Re: Implicit ECH Config for TLS 1.3 – addressing public_name fingerprinting

Yaroslav Rosomakho <yrosomakho@zscaler.com> Wed, 26 February 2025 11:29 UTC

Return-Path: <yrosomakho@zscaler.com>
X-Original-To: tls@mail2.ietf.org
Delivered-To: tls@mail2.ietf.org
Received: from localhost (localhost [127.0.0.1]) by mail2.ietf.org (Postfix) with ESMTP id CAFA11C350F for <tls@mail2.ietf.org>; Wed, 26 Feb 2025 03:29:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at ietf.org
X-Spam-Flag: NO
X-Spam-Score: -2.087
X-Spam-Level:
X-Spam-Status: No, score=-2.087 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001, T_KAM_HTML_FONT_INVALID=0.01] autolearn=ham autolearn_force=no
Authentication-Results: mail2.ietfa.org (amavisd-new); dkim=pass (1024-bit key) header.d=zscaler.com
Received: from mail2.ietf.org ([166.84.6.31]) by localhost (mail2.ietfa.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id emIYEKNBKYQ0 for <tls@mail2.ietf.org>; Wed, 26 Feb 2025 03:29:24 -0800 (PST)
Received: from mail-lj1-x22e.google.com (mail-lj1-x22e.google.com [IPv6:2a00:1450:4864:20::22e]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature ECDSA (P-256) server-digest SHA256) (No client certificate requested) by mail2.ietf.org (Postfix) with ESMTPS id 774331C34AA for <TLS@ietf.org>; Wed, 26 Feb 2025 03:29:24 -0800 (PST)
Received: by mail-lj1-x22e.google.com with SMTP id 38308e7fff4ca-30a2cdb2b98so67582961fa.0 for <TLS@ietf.org>; Wed, 26 Feb 2025 03:29:24 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=zscaler.com; s=google; t=1740569363; x=1741174163; darn=ietf.org; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=X7ZVwgU8hCXlRD3E1yYEnCH7So/vKLh3aLCvsJn27eY=; b=KPLnKH6Us/x1P+UgjCodo9ZEombJ5+TBx1PWn/VTxkHbq8GYnrDNqxkfxiohRkgEp+ N4g6lBuWRHY7Q6fgjzuRZlWGdnMADYEAlMa6PdRl6v+RXRp3BaNHSlLFkta+thv83+F7 JTnuo7K6piXMVouEVHbh8pv0m0oYzJBWnfcww=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1740569363; x=1741174163; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=X7ZVwgU8hCXlRD3E1yYEnCH7So/vKLh3aLCvsJn27eY=; b=WJC3Ip4OVUz6x6m1Ao4L5xD6ZhO5OaHqASMfBCvyOhLQjvZ1N+vBvaiKMxjYJ/RA4V CGrvq1TiOW+BGk4nmuMJcEgQfwO/8rimGPt09KQD3MbCyVkPlknaaHVfKtJHAVbhVclq QxZhzE2pudYI/dHDYapFanQVrzOmJAXXO6RSrLMtpaOq/7Hml0jLRrq6AzlttojIfhO6 f0LbaeuqUoJDl/YJYKwMT+pqR9FfQyS2GKNBDEFFYQUH18P2pkzvj31R5njxK33/aKBU wX/Y/TrjG0U5ShxMZKyvVB6nqz/I8t7twXTsyGGyzph6ilvAp4Bkb3hh5DMrNpqf8NUP ugxw==
X-Gm-Message-State: AOJu0YxefBUGz7eDpBIocy2O87Ti8fJVcFkpP00NL2wgH91BteSeQpsM KmA2NnElaqic2dDfHf8Iw8CdCngtnDDZMO1vLQ2OPeJJ2/qw0ygb2NKtTvJs1MSKQlvIA/rz2M0 OPhzpBAF/Uh9tbLFTo0ttHleJuklhtA0RKglN7ZbOC1spwh0xW5FXGj1iW3SfvbOpEuluJd+Ia+ AXBPl5Ylvd/azj/8rN5u4UXFs=
X-Gm-Gg: ASbGncu1f4fuyTtd5ifI3whxNcfQaxFVlOAtVXyAeVRUPyWl7a3Y541/mUublcSyrbH J9Mjji6JFK2bgtVdWGYxdIc0xFfvXsDy0lW54vlExiWxQMklIL0UyV87KfgYJ5qbaTTYNcHRqYb g1fNYAhS2xdjSYhzHxRsZ+lbuxlBL+bEjv8lgqcOu/CA==
X-Google-Smtp-Source: AGHT+IFkb6Q8UbOGNZonCNIe0EcvbByXsJ+qJPaEyKEratU6ulM2+hfpxDcVWK4wi9D22+NvqMtW5zfZcaPZAx5MIAA=
X-Received: by 2002:a2e:8202:0:b0:30a:44ca:7e72 with SMTP id 38308e7fff4ca-30a5b20dc6dmr83742691fa.24.1740569363109; Wed, 26 Feb 2025 03:29:23 -0800 (PST)
MIME-Version: 1.0
References: <CAOjisRzBNG2KdAZXssnR9Ura9HuAUKxOH+VLCAE5B9MfYyeT2A@mail.gmail.com>
In-Reply-To: <CAOjisRzBNG2KdAZXssnR9Ura9HuAUKxOH+VLCAE5B9MfYyeT2A@mail.gmail.com>
From: Yaroslav Rosomakho <yrosomakho@zscaler.com>
Date: Wed, 26 Feb 2025 11:29:10 +0000
X-Gm-Features: AQ5f1JpBtV6FMX-9WLV15eadUYGKM0oZndhKqxTrtsAHKw6FgB5eTlJjd55f52o
Message-ID: <CAMtubr1bTsdc5i3B5tykSpr_kYaWhEhFD8Nc4KDDkFo4_=_sog@mail.gmail.com>
To: Nick Sullivan <nicholas.sullivan@gmail.com>
Content-Type: multipart/alternative; boundary="0000000000009878f6062f09e29f"
Message-ID-Hash: M4MQEKSVQTURFFPDZ2UBWIMWUWDXJ7XT
X-Message-ID-Hash: M4MQEKSVQTURFFPDZ2UBWIMWUWDXJ7XT
X-MailFrom: yrosomakho@zscaler.com
X-Mailman-Rule-Misses: dmarc-mitigation; no-senders; approved; emergency; loop; banned-address; member-moderation; header-match-tls.ietf.org-0; nonmember-moderation; administrivia; implicit-dest; max-recipients; max-size; news-moderation; no-subject; digests; suspicious-header
CC: "tls@ietf.org" <TLS@ietf.org>
X-Mailman-Version: 3.3.9rc6
Precedence: list
Subject: [TLS] Re: Implicit ECH Config for TLS 1.3 – addressing public_name fingerprinting
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/qZ8W_AO_VHMLVRoRTnTwLcnKJjk>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Owner: <mailto:tls-owner@ietf.org>
List-Post: <mailto:tls@ietf.org>
List-Subscribe: <mailto:tls-join@ietf.org>
List-Unsubscribe: <mailto:tls-leave@ietf.org>

Hi Nick,

First of all, I fully agree that current implementations with a static
public SNI are trivial to block. To a certain extent this mitigates the
positive effects of the ECH.

However, a completely random client generated public SNI will cause a
number of other issues as the public SNI is quite often used by
intermediaries to prevent domain fronting attacks by performing their own
DNS lookup and replacing destination IP of original flow with the one
resulting from the lookup. On top of that, in my experience, this is often
seen as a technique to optimise traffic routing in cloud relays.
Finally, DNS lookup of the public SNI presents another opportunity for
rogue ECH filtering by blocking all the ClientHellos that contain
unresolvable FQDN SNI.

I think we may want to explore separation of public_name roles. Today the
same public_name  is used for ClientHello SNI hint as well as expected FQDN
(lets call it retry_name) in the server Certificate used to provide ECH
Retry. A large enough rotating pool of public_names will make SNI-based
fingerprinting impractical yet would not require an equally large pool of
server certificates if a separate retry_name is introduced.
If ECH Retry is always included in ServerHello, this would also allow usage
of public SNIs for multiple purposes at the same time. To confirm that
provided ECH retry config is authentic, the client would expect a server
certificate matching either public_name or retry_name.


Best Regards,
Yaroslav


On Wed, Feb 26, 2025 at 7:17 AM Nick Sullivan <nicholas.sullivan@gmail.com>
wrote:

> Hi everyone,
>
> I’ve put together a draft, “Implicit ECH Configuration for TLS 1.3” (
> https://www.ietf.org/archive/id/draft-sullivan-tls-implicit-ech-00.html)
> as a potential starting point for improving ECH’s “do not stick out”
> compliance. Global deployments of ECH have become biased because a single
> public_name dominates most ECH connections, making it a prime target for
> fingerprinting (see https://github.com/net4people/bbs/issues/417) As
> discussed on the TLS WG mailing list (see
> https://mailarchive.ietf.org/arch/msg/tls/4rq4sZzpI9rjYgDLJ2IO-vG9DRw/)
> the outer SNI remains the primary identifier that enables on-path
> adversaries to identify ECH traffic.
>
> To mitigate these linkability risks, various past proposals were
> considered. One idea was to randomize or override the outer SNI rather than
> always using the provided public_name. For example, Stephen Farrell
> suggested allowing clients to use an arbitrary or blank outer SNI (for
> certain use cases like censorship circumvention). This would, in theory,
> make the outer handshake less predictable, increasing traffic diversity
> across ECH connections. However, others in the WG (e.g. Chris Wood)
> cautioned that relaxing this requirement essentially reintroduces domain
> fronting, a side-effect the group was wary of.
>
> The consensus was that fallback reliability and simplicity favored
> sticking with the public_name in SNI. See Github discussions:
> https://github.com/tlswg/draft-ietf-tls-esni/issues/396
> <https://github.com/tlswg/draft-ietf-tls-esni/issues/396#:~:text=For%20at%20least%20command%20line,benefit%20from%20that%20option%20too>
> .
>
> Relatedly, early drafts used an 8-byte config_id, but as documented in
> discussions around 2020-2021, it was shortened to one byte to reduce its
> uniqueness and tracking potential—a change that was well received by
> privacy advocates yet noted by implementers as complicating the deployment
> complexity for multi-key scenarios, though not enough to hinder deployment.
>
> Implicit ECH Configuration, introduced in
> draft-sullivan-tls-implicit-ech-00, builds on this prior work to propose a
> mode of ECH that minimizes explicit signaling of the server’s identity.
> This draft introduces an optional “implicit” mode via a new extension in
> ECHConfigContents. When this extension is present, clients MAY choose any
> valid outer SNI and a randomized config_id instead of relying on a
> potentially globally dominant public_name. Client-facing servers, in turn,
> MUST perform uniform trial decryption to ensure that every handshake is
> processed identically, regardless of whether a valid or a phony config_id
> or outer SNI is provided.
>
> This approach enables clients to adopt custom strategies for maintaining
> broad reachability, ensuring that a single public_name does not become a
> reliable way for external observers to distinguish ECH from ECH GREASE at
> scale. It is also useful for improving privacy when client-facing servers
> support only one or a small number of domains, as it enables clients to
> choose the outer SNI such that it is not merely a direct stand-in for the
> inner name.
>
> Importantly, I don’t believe this approach reintroduces domain fronting.
> It’s not possible to use implicit configuration ECH to connect to one site
> on a server and then trick that server into serving HTTP responses for a
> second, different site when the TLS certificate used to establish the
> connection is not authoritative for that second site – the essential thing
> that distinguishes domain fronting from other techniques. Implicit mode
> effectively relegates the outer SNI to a mostly symbolic role for these
> connections, used solely for ensuring network reachability—similar to how
> certain legacy TLS 1.2 messages were retained in TLS 1.3 to address network
> ossification issues.
>
> This change may have fit into the main ECH draft if it had been proposed
> earlier. However, ECH has already been submitted to IESG for publication,
> so I put this together as a standalone extension. I welcome your feedback
> on this proposal as we work to reduce fingerprinting risks without
> sacrificing deployability.
>
>
> Nick
> _______________________________________________
> TLS mailing list -- tls@ietf.org
> To unsubscribe send an email to tls-leave@ietf.org
>

-- 


This communication (including any attachments) is intended for the sole 
use of the intended recipient and may contain confidential, non-public, 
and/or privileged material. Use, distribution, or reproduction of this 
communication by unintended recipients is not authorized. If you received 
this communication in error, please immediately notify the sender and then 
delete all copies of this communication from your system.

v2.31.3 | Report a Bug | By Email | System Status