[TLS] ECH and resumption - what to put in SNI?

Stephen Farrell <stephen.farrell@cs.tcd.ie> Fri, 25 June 2021 14:21 UTC

To: "tls@ietf.org" <tls@ietf.org>
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
Message-ID: <062ba89f-15fb-669e-b1fb-cf6c71fc88a8@cs.tcd.ie>
Date: Fri, 25 Jun 2021 15:21:09 +0100
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/uMhAL5JBJmac4b-6JFtPaiY6tPw>

Hiya,

If a client established a session to foo.example.com
using ECH with a public_name of example.com, what ought
the client to put in the SNI when resuming?

Ignoring ECH, 8446 seems to imply one ought to put
foo.example.com in [1], but that'd defeat the purpose of
ECH.

If one omits SNI, that would likely be hard to handle
for a client-facing server when it tries to route
to a good split-mode backend. The same could be true
even if example.com is included as the SNI.

I guess the client could do ECH again, but that'd also
be odd, as it'd require asymmetric crypto when resuming
(which I guess is a lot of the point of tickets), and
depending on ticket ages vs. ECHConfig key rotation
times, might cause interesting failures for a library
client that can't do fresh DNS queries from within the
library (and might never see the TTL of the HTTPS/SVCB
RR in any case).

Am I missing something obvious? If not, what's best here?
(And we should probably have some text in the draft on
this too.)

Cheers,
S.

PS: I guess if the inner and outer ALPNs differed in
the original CH, similar issues might arise for a
client-facing server, in terms of figuring out the
right backend to which the resumed session should be
routed, if routing were based on e.g. the inner ALPN.

[1] https://datatracker.ietf.org/doc/html/rfc8446#page-57
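Added example, not part of Stephen's post or of any ECH implementation: it builds minimal TLS 1.3 ClientHello messages for the three shapes the question contrasts (the initial ECH handshake with outer SNI = public_name, a resumption carrying only the public_name plus a PSK, and a resumption carrying the real name) and parses out the fields a client-facing server can read in the clear to pick a split-mode backend. Everything is constructed: the ticket identity is a made-up byte string, the PSK binder is a zero placeholder rather than a real HMAC, and the ECH extension codepoint is an assumed placeholder since the draft has changed it between revisions.

```python
"""Added example: which ClientHello fields a client-facing server can see on resumption."""
import os
import struct

# Extension codepoints from RFC 8446 (server_name, pre_shared_key,
# psk_key_exchange_modes) and RFC 7301 (ALPN).
EXT_SERVER_NAME = 0
EXT_ALPN = 16
EXT_PRE_SHARED_KEY = 41
EXT_PSK_KEY_EXCHANGE_MODES = 45
# ASSUMPTION: placeholder codepoint for encrypted_client_hello; the draft has used
# several values, so this is not to be read as the registered one.
EXT_ECH = 0xFE0D


def _ext(ext_type, body):
    return struct.pack("!HH", ext_type, len(body)) + body


def server_name_ext(hostname):
    name = hostname.encode("ascii")
    entry = b"\x00" + struct.pack("!H", len(name)) + name   # name_type 0 = host_name
    return _ext(EXT_SERVER_NAME, struct.pack("!H", len(entry)) + entry)


def alpn_ext(protocols):
    lst = b"".join(bytes([len(p)]) + p.encode("ascii") for p in protocols)
    return _ext(EXT_ALPN, struct.pack("!H", len(lst)) + lst)


def pre_shared_key_ext(identity, obfuscated_age=0):
    ident = struct.pack("!H", len(identity)) + identity + struct.pack("!I", obfuscated_age)
    binder = b"\x00" * 32   # constructed placeholder; a real binder is an HMAC over the CH
    binders = bytes([len(binder)]) + binder
    return _ext(EXT_PRE_SHARED_KEY, struct.pack("!H", len(ident)) + ident
                + struct.pack("!H", len(binders)) + binders)


def build_client_hello(sni, alpn, psk_identity=None, ech_payload=None):
    """Return a raw ClientHello handshake message (type 1) with the given extensions."""
    exts = server_name_ext(sni) + alpn_ext(alpn)
    if ech_payload is not None:
        exts += _ext(EXT_ECH, ech_payload)
    if psk_identity is not None:
        exts += _ext(EXT_PSK_KEY_EXCHANGE_MODES, b"\x01\x01")   # psk_dhe_ke
        exts += pre_shared_key_ext(psk_identity)                 # must be last (RFC 8446 4.2.11)
    body = (b"\x03\x03" + os.urandom(32) + b"\x00"   # legacy_version, random, empty session_id
            + struct.pack("!H", 2) + b"\x13\x01"        # one cipher suite: TLS_AES_128_GCM_SHA256
            + b"\x01\x00"                               # compression_methods: null only
            + struct.pack("!H", len(exts)) + exts)
    return b"\x01" + len(body).to_bytes(3, "big") + body


def parse_client_hello(msg):
    """Extract the routing-relevant fields visible in the clear to a client-facing server."""
    if msg[0] != 1:
        raise ValueError("not a ClientHello")
    pos = 4 + 2 + 32                                          # handshake hdr, version, random
    pos += 1 + msg[pos]                                       # session_id
    pos += 2 + struct.unpack("!H", msg[pos:pos + 2])[0]       # cipher_suites
    pos += 1 + msg[pos]                                       # compression_methods
    end = pos + 2 + struct.unpack("!H", msg[pos:pos + 2])[0]
    pos += 2
    info = {"sni": None, "alpn": [], "psk_identities": [], "ech": False}
    while pos < end:
        etype, elen = struct.unpack("!HH", msg[pos:pos + 4])
        data = msg[pos + 4:pos + 4 + elen]
        pos += 4 + elen
        if etype == EXT_SERVER_NAME:
            n = struct.unpack("!H", data[3:5])[0]
            info["sni"] = data[5:5 + n].decode("ascii")
        elif etype == EXT_ALPN:
            i = 2
            while i < len(data):
                n = data[i]
                info["alpn"].append(data[i + 1:i + 1 + n].decode("ascii"))
                i += 1 + n
        elif etype == EXT_PRE_SHARED_KEY:
            ids_len = struct.unpack("!H", data[:2])[0]
            i = 2
            while i < 2 + ids_len:
                n = struct.unpack("!H", data[i:i + 2])[0]
                info["psk_identities"].append(data[i + 2:i + 2 + n])
                i += 2 + n + 4                                 # identity + obfuscated_ticket_age
        elif etype == EXT_ECH:
            info["ech"] = True
    return info


def resumption_views():
    """The three ClientHello shapes discussed above, as the client-facing server sees them."""
    ticket = b"constructed-ticket-for-foo"   # constructed; real tickets are opaque server blobs
    # Initial handshake: outer SNI is the public_name, the real name is inside the ECH payload.
    initial = parse_client_hello(build_client_hello("example.com", ["h2"], ech_payload=b"\xaa" * 16))
    # Resumption with SNI = public_name and no ECH: only the opaque PSK identity names the backend.
    public_only = parse_client_hello(build_client_hello("example.com", ["h2"], psk_identity=ticket))
    # Resumption with SNI = foo.example.com: trivially routable, but exposes what ECH hid.
    real_name = parse_client_hello(build_client_hello("foo.example.com", ["h2"], psk_identity=ticket))
    return initial, public_only, real_name
```

The point the parse output makes concrete is the one in the post: in the `public_only` shape the front end has nothing but the PSK identity to route on, so a split-mode deployment that wants to stay both private and routable must either be able to map ticket identities to backends itself or accept the asymmetric-crypto cost of sending ECH again.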