[TLS] ECH and resumption - what to put in SNI?
Stephen Farrell <stephen.farrell@cs.tcd.ie> Fri, 25 June 2021 14:21 UTC
To: "tls@ietf.org" <tls@ietf.org>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Message-ID: <062ba89f-15fb-669e-b1fb-cf6c71fc88a8@cs.tcd.ie>
Date: Fri, 25 Jun 2021 15:21:09 +0100
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/uMhAL5JBJmac4b-6JFtPaiY6tPw>
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
Hiya,

If a client established a session to foo.example.com using ECH with a public_name of example.com, what ought the client to put in the SNI when resuming?

Ignoring ECH, 8446 seems to imply one ought to put in foo.example.com [1] but that'd defeat the purpose of ECH.

If one omits SNI, that would likely be hard to handle for a client-facing server when it tries to route to a good split-mode backend. The same could be true even if example.com is included as the SNI.

I guess the client could do ECH again, but that'd also be odd, as it'd require asymmetric crypto when resuming (which I guess is a lot of the point of tickets), and depending on ticket ages vs. ECHConfig key rotation times, might cause interesting failures for a library client that can't do fresh DNS queries from within the library (and might never see the TTL of the HTTPS/SVCB RR in any case).

Am I missing something obvious? If not, what's best here? (And we should probably have some text in the draft on this too.)

Cheers,
S.

PS: I guess if the inner and outer ALPNs differed in the original CH, similar issues might arise for a client-facing server, in terms of figuring out the right backend to which the resumed session should be routed, if routing were based on e.g. the inner ALPN.

[1] https://datatracker.ietf.org/doc/html/rfc8446#page-57
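As an added illustration (not part of Stephen's message, nor code from the ECH draft or any TLS library), here is a small Python model of a split-mode client-facing server that routes on whatever server_name and ALPN it can actually see, evaluated against the resumption options the message weighs: send foo.example.com in the clear, omit SNI, send the public_name, or do ECH again. The backend identifiers, the ALPN values, the ticket contents and the "ECHConfig key rotated" flag are constructed for the model; foo.example.com and example.com come from the message. The model does not pick an answer; it only makes the trade-offs the message describes checkable.

```python
from dataclasses import dataclass
from typing import Optional

# Names from the message; the backend ids and ALPN values below are assumptions for this model.
PUBLIC_NAME = "example.com"
BACKEND_NAME = "foo.example.com"


@dataclass(frozen=True)
class ClientHello:
    sni: Optional[str]                     # cleartext server_name (outer CH); None = omitted
    alpn: Optional[str]                    # cleartext ALPN (outer CH)
    psk_id: Optional[bytes] = None         # pre_shared_key identity, if resuming
    inner: Optional["ClientHello"] = None  # stands in for the ECH-encrypted inner CH


@dataclass(frozen=True)
class Ticket:
    sni: str          # server_name the backend saw when it issued the ticket
    alpn: Optional[str]
    psk_id: bytes


@dataclass(frozen=True)
class Outcome:
    backend: Optional[str]      # where the client-facing server routed the CH; None = unroutable
    on_wire: Optional[str]      # server_name visible to a passive observer
    sni_matches_ticket: bool    # the RFC 8446 s4.6.1 expectation: resumption SNI == original SNI
    needs_asymmetric: bool      # did the client have to run HPKE (ECH) to resume?


# Constructed routing table for the client-facing server: (server_name, alpn) -> backend.
ROUTES = {
    (BACKEND_NAME, None): "backend-foo",
    (BACKEND_NAME, "h2"): "backend-foo-h2",
    (PUBLIC_NAME, None): "backend-public",
}


def effective_fields(ch: ClientHello, ech_key_still_valid: bool):
    """Fields the client-facing server acts on: the inner CH if ECH was offered and the
    ECHConfig key has not rotated away, otherwise the outer CH (what the network sees too)."""
    if ch.inner is not None and ech_key_still_valid:
        return ch.inner.sni, ch.inner.alpn
    return ch.sni, ch.alpn


def route(ch: ClientHello, ech_key_still_valid: bool = True) -> Optional[str]:
    """Exact (name, alpn) match first, then a name-only default; no name means no route."""
    name, alpn = effective_fields(ch, ech_key_still_valid)
    if name is None:
        return None
    return ROUTES.get((name, alpn)) or ROUTES.get((name, None))


def evaluate(ch: ClientHello, ticket: Ticket, ech_key_still_valid: bool = True) -> Outcome:
    name, _ = effective_fields(ch, ech_key_still_valid)
    return Outcome(
        backend=route(ch, ech_key_still_valid),
        on_wire=ch.sni,
        sni_matches_ticket=(name == ticket.sni),
        needs_asymmetric=ch.inner is not None,
    )


# The resumption strategies the message lists. PSK goes in the inner CH when ECH is used.
def resume_plain_inner_name(t: Ticket) -> ClientHello:
    return ClientHello(sni=BACKEND_NAME, alpn=t.alpn, psk_id=t.psk_id)


def resume_no_sni(t: Ticket) -> ClientHello:
    return ClientHello(sni=None, alpn=t.alpn, psk_id=t.psk_id)


def resume_public_name(t: Ticket) -> ClientHello:
    return ClientHello(sni=PUBLIC_NAME, alpn=t.alpn, psk_id=t.psk_id)


def resume_with_ech(t: Ticket, outer_alpn: str = "http/1.1") -> ClientHello:
    inner = ClientHello(sni=BACKEND_NAME, alpn=t.alpn, psk_id=t.psk_id)
    return ClientHello(sni=PUBLIC_NAME, alpn=outer_alpn, psk_id=None, inner=inner)


if __name__ == "__main__":
    ticket = Ticket(sni=BACKEND_NAME, alpn="h2", psk_id=b"ticket-0001")  # constructed
    cases = [
        ("inner name in clear", resume_plain_inner_name(ticket), True),
        ("no SNI", resume_no_sni(ticket), True),
        ("public_name only", resume_public_name(ticket), True),
        ("ECH again, key fresh", resume_with_ech(ticket), True),
        ("ECH again, key rotated", resume_with_ech(ticket), False),
    ]
    for label, ch, fresh in cases:
        print(f"{label:24s} {evaluate(ch, ticket, fresh)}")
```

Run as a script it prints one line per strategy. Sending foo.example.com routes and satisfies the 8446 SNI check but exposes the name; omitting SNI is unroutable; sending only the public_name routes to the public-name host and fails the SNI check; ECH again routes correctly only while the client's cached ECHConfig key is still accepted, and once it has rotated the outer (and differing) ALPN is what gets routed on, which is the PS's point.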
- Re: [TLS] ECH and resumption - what to put in SNI? Stephen Farrell
- [TLS] ECH and resumption - what to put in SNI? Stephen Farrell
- Re: [TLS] ECH and resumption - what to put in SNI? Ben Schwartz
- Re: [TLS] ECH and resumption - what to put in SNI? Eric Rescorla
- Re: [TLS] ECH and resumption - what to put in SNI? David Benjamin
- Re: [TLS] ECH and resumption - what to put in SNI? David Benjamin