Re: [TLS] Working Group Last Call for ECH
Raghu Saxena <poiasdpoiasd@live.com> Wed, 13 March 2024 05:20 UTC
Return-Path: <poiasdpoiasd@live.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5423EC14F5EB for <tls@ietfa.amsl.com>; Tue, 12 Mar 2024 22:20:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.203
X-Spam-Level:
X-Spam-Status: No, score=0.203 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FORGED_MUA_MOZILLA=2.309, FREEMAIL_FROM=0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=live.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CtQwpskG5IKH for <tls@ietfa.amsl.com>; Tue, 12 Mar 2024 22:20:15 -0700 (PDT)
Received: from AUS01-SY4-obe.outbound.protection.outlook.com (mail-sy4aus01olkn2185.outbound.protection.outlook.com [40.92.62.185]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id EA455C14F5F8 for <tls@ietf.org>; Tue, 12 Mar 2024 22:20:14 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=EkIZAGUAbPqC3+jhF3xzVkb/tIWde2i3m2Jm7Z4XNnz2P+aPT3UCh7uveo1krSJSnG2Q8d6ZQovILMNPxcIMrXOgZ+wPdU7D5Xyw++lSbOHIJHnHc77jbZT6gN98CMbtcJwRPYxAlMpYG1U9FgzHrYNtrP/K25kt/jJjcG1D6HY6XvYVG0qLi50YIy83xSDJKOai2ZGWAIzFcumH/EYOAstIcd5Bm912ZKGIHTmdNRxHxqy0fcloE2b5PMUjkxFT4cLK0LPn2Vu9kDjluY/RMna8s6iExE+++haRmqKh4hjNPP8a25H9qdHj4Kgeh3x2hS9lnGneSM6qK+iZVwSOvQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=cWU19pWSkxCRGl8o7cSErkzM7kHNVgHuQtvZG8hFaLo=; b=nzXMGQatvKPhqzPXihQ6kD0oNeMp8EXMNqSv2cuxYYB9S6wLlTRHBgnTJAC682K3nBctFy6upE/ah08hFOezl0aoYwn/SFRI5WZH4uPk2W4VuuvPqU2sp82Jvcr0fm7q+dOxJurBni9DNEUsLyL6+yZxDUP5rhIiZ2Q0xchPMLlvCTs019KEy9mDbE1kUZ3FK8kVKy40mxrBIYguMg9mp33If6gif7z9JeVYXi3pvIgj2CIzmOGqUIIJd/cVAbppS59WPOSOI290qlay2bT+Z3NYF83kqsHJjKl7R/nZqkTAuiUimQfRHIry5iuW4EIdOiKRcyEukAF6VJOtUdHwsQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none; dkim=none; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=live.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=cWU19pWSkxCRGl8o7cSErkzM7kHNVgHuQtvZG8hFaLo=; b=R2vMPaGdmiW5jIaSg91RDByoNAdLgfzMyXoetaOpPqEqpnMlF9KPXCjY/aTGVMCbJ6VMttb80bb1EYN71b3NhdQm8gRLMyQLmoAPo15c4mw1zWCPLgt4gCJdMTxTv6Z1sJW1GBKqhYohMdBjm82SE/c2CIZ3NG2VLH9SwvvECNYvhNDxa0q0dh45/2VLkMYXffCU144+lcaxhkvRpjpK9zcnZcIFwHpG6cfpzG3mpPuq0NDG3ahC34gb+m02sapgz+jq5yrnpCyu2sgaJS6pgWovJSI9EHMxJCsN2Q11MiwtIuD4WJzoBG4YXy1rQdmiuYLw3d/sTv4AT3VRNFhZkg==
Received: from MEYP282MB3564.AUSP282.PROD.OUTLOOK.COM (2603:10c6:220:178::14) by SY4P282MB0732.AUSP282.PROD.OUTLOOK.COM (2603:10c6:10:a5::16) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7386.18; Wed, 13 Mar 2024 05:20:12 +0000
Received: from MEYP282MB3564.AUSP282.PROD.OUTLOOK.COM ([fe80::cc6:d722:c696:5c1c]) by MEYP282MB3564.AUSP282.PROD.OUTLOOK.COM ([fe80::cc6:d722:c696:5c1c%7]) with mapi id 15.20.7386.017; Wed, 13 Mar 2024 05:20:12 +0000
Message-ID: <MEYP282MB35643E2F4A977C0FC051D006A32A2@MEYP282MB3564.AUSP282.PROD.OUTLOOK.COM>
Date: Wed, 13 Mar 2024 13:20:03 +0800
User-Agent: Mozilla Thunderbird
To: tls@ietf.org
References: <CAOgPGoD4iiJ7kivRo4xbe0peiMG3YdzUvmVHC2KvqnMOpm+N7Q@mail.gmail.com>
Content-Language: en-US
From: Raghu Saxena <poiasdpoiasd@live.com>
In-Reply-To: <CAOgPGoD4iiJ7kivRo4xbe0peiMG3YdzUvmVHC2KvqnMOpm+N7Q@mail.gmail.com>
Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="------------LroL2GEjU5azlA001wPaEuO9"
X-TMN: [rG4ScpvbWTXYFO3J6J6qIk+wY56hDxwL]
X-ClientProxiedBy: PU1PR04CA0019.apcprd04.prod.outlook.com (2603:1096:803:29::31) To MEYP282MB3564.AUSP282.PROD.OUTLOOK.COM (2603:10c6:220:178::14)
X-Microsoft-Original-Message-ID: <7ce890e6-30ad-4f0b-a36c-949454f905aa@live.com>
MIME-Version: 1.0
X-MS-Exchange-MessageSentRepresentingType: 1
X-MS-PublicTrafficType: Email
X-MS-TrafficTypeDiagnostic: MEYP282MB3564:EE_|SY4P282MB0732:EE_
X-MS-Office365-Filtering-Correlation-Id: 76b7725f-8600-4c60-04ff-08dc431d41b3
X-MS-Exchange-SLBlob-MailProps: HIo0QlLMSrt0Dx9BkjhokYljGnnODcfuOm7EAIH8XvwULhjRh02KtxOhKMrop/dMRr6ENlsaTiQDdL4ZkFjww/kQaQqq/z1YKPZHD8JtEpL01YLIQpMorm/hMuq/8Jr6G4mgL3sCWK8jUXDatxWx3fSnte8z4bYaGdQiOLljG3zSsTDV7cg1hHIlCxcEwebwMCUSPeFDAAI+gjTQwSfpWYpN7VpK5jzHY23nNwwVMRzQqDGTDy7nxKseKJUprR/Oi8p3sDEe21bVnoRkF/kOuIDdtvwVa6B7ib79df5adhj4f3fswo1XnQfNiaxmlvmf6U8+ZgM3M39kkcOoPjWLNWfhAQcTyRDzy9YegoXyhcE41hMXqCynuUy/q5GrQ/U7miZrYsrRk4vJAqdgxBS8zPDJLHe1nwqxKBCmkQWRpMSoTk+eXtGHVf/zTzKpYEjsQZyPVxEg59JiofmEiF+9Pv0ll/1yvJ4AELHy9UJ1FIha+AvoIJnx2NQe+GP54pY3swRy6ONz4xT6o3biFFKlCbeNDibdtGNaDVbc9L4WX5lLD6voL1d4B9Inq4u2vBtDzspTSNAgxs63t4ZjEhn1demYlPOLHY/9qNSH4UYi3qO6+uWPYjW4CKjtAkCMtwLHy9MsommL50202TNe2GOltfVZQL3AqcHqDCUjFXWqygJmGrrDkLYdsCv2VZn7SixH5rWFrLoKl4+REbLaqIv6+m/zQj5R9Oo1OpA/IwH5jBNOFCkVhWoHe2JJ7IbhM1Rmyx1u/+1lLyBD6iUaJ7cMcdf/R7IjdNlLsX7HVqGjWmG4av+M+GqRu+dh/hifKMnEHBJGTBHZEECKvUy5rq3Eww==
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: E4r+Plee6ZQJd1gZTlpoWD+IQLmCu/Xu3IR8jXNYQ7bPnPQpEC8j8t5Q8o4E6iAdxr2WbaOaijGcRQEp8MH8lN0BDmeRFVRGYD3TBY+PUq3OvzhjMQMDYDMpT6zRzgT9T0P4zBMVzflM6GgaLNqFwRoqnQGdI6/lUhgufd+O8WVH42XJKfkLRCsMjtu+pz8yVUWVUsXV8R0VJ6aaEhwSUDNffrv4IVZkZ38C16gszfC74X3KV8a219C1kraEyxxmOS1miwb26nQBtMRG3s72KurV9TGR2tdXu26jniY3+yntMXWIRES9/mj5Z0XHBPVd1vkzIcnZqjkpj5MvbAuOiJ6Oe3RblEwKGW72GN5QFeTh6XklB0RxFIPfiRJ21ZZhWqeNPcgcSoHkqwjSko5I3hqoAXuhO7eYq702FEo1p/7b8/H9XDmI6AoGWnsW0hn2IZdOCpbth3TafWiYlzVjOTPJYAyPyQAoVGAPZo6Glkdztko6/lhevqHupMZJbalE4+daNhUXAzImXCKaky6Q83RW1D3cYjWzL2r/0u3/KojEwJWtY4AxrUFoyw6QvwLwOyuhMnphwQqtCI5TJQvwCeQURBUJlAQga6SU/1jMedXpzajlI9vdnP9txq/6moUlBp0ZbH9a8k8DQJX3QyPRJa9Rm4fzfnQPPLiHIt1SuAOaB0efmn159aHIJjGnnlOV
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: PW4vL7spG8QsOSaVImA61NU4LIdGOqM4Storz9SmY1nkRagyFIAX4una2b18Xv2WzgSXjELk8L312sQKeDdEu7RKCc9xeID1lU2AwLOKuEWP42hbJrXXLR3XsbOMYUS6bNyZnl/figRd6qPytW/SFjJKZzTklBXAV4ET6Z1qVeERJhFo+oqkEnn0vxUf9Z4DhS7gbCFUAwnu3/XxZOS8q1s4snZvOgnG/l+dtsuIj0RmQbLdMqkh5UNfNlIueTst08nxEJvOxFVrUWxn4P702Cz9kM6enOo0Fjjtcpc/OmgqNozmFm8G/h0ywmwb1WN3WcXbBy1bawShcQdCQj+Yh1YuU5Rt3eCJgg+CZV2de9S4E2pHlLLQNgg2oSNA2xSJIbhToIv4cfs6ct/r6xdlZWkWVkdP/Kf//om2fGYd07sOvuLaflmHC1GTn4S9ZQl2qg3wpFTjbGJ8CtFqR3S0GMpp57nGRiSpWbxuj2aL1GhwJlwF/n5XqNDf9/2iQ23x7XGIQBelYlkZYNvQTsQbNVp0Z6z5NHKT5/ZQMcgOf0YCKM7MMl/iyMhddCbSirEQwVH2qYRKAcd3L61AT1javnaaNiXEN6XgrmhAxiIlD1sNdDN7Bhhy6U6e3twRKTCv1HnHiYJSowJ5CuxOPlFVJWuINaQq8ZqS3CL5fPfQDdOSFhnVRv26Qwx28h6SuWkRxnFr5gLwlYr+ApwJPCK0yGU5IuoGYRL8I3vUuA/idXp4P9G6B/Z03JskY+Gq/63tx4UxBFkpVP7MOOvV5EjAesSkBwZ/pMtjYAL772RjVDVonlH6mjPkMbzonFpQ7g6vPDJ/IS8+6x5V71tFLFLLIj3IChEk86xb8CkP0P7PJzH++ZWmsmVuj/xmwP4zVnCET8ZRmPhDd88S5kmaEPgqiYtNzzS5kqzI1lb4iN4WGVK0l1dfxn2NsfP32b3s90j5V0/q8bQtU3cIp5kpsG8F2e7owxrSw2D5xzFCn3crT8uSxXpXkSYA+KC7EcbIyOPFvQfDXzPLFIlfGFMXtQYqXf+tlmyxaamYq8B4gjCj43AflZCSnsuyOTcqwbADCiKW3DwlLmr8qIwCLzSHOcodTXKMsAgyfT9nBHTR6EUauM4DrEtGO6Gg2IujDUCxHKYNX2m/Donoyt73ibb+iSYvvdm9CiS3YcqjoJs1B1ZG+D2VIYb1c37mO38WdemhJIIEqUxZ4bXtjUAJxMsNgD3P2cDHKo94JgU3D1C6R34rwwk=
X-OriginatorOrg: sct-15-20-4755-11-msonline-outlook-746f3.templateTenant
X-MS-Exchange-CrossTenant-Network-Message-Id: 76b7725f-8600-4c60-04ff-08dc431d41b3
X-MS-Exchange-CrossTenant-AuthSource: MEYP282MB3564.AUSP282.PROD.OUTLOOK.COM
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 13 Mar 2024 05:20:11.9134 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SY4P282MB0732
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/xgaxYUA182Bf07xlqnG20lake6w>
Subject: Re: [TLS] Working Group Last Call for ECH
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Mar 2024 05:20:19 -0000
Are comments restricted strictly to members of the working group? If so, please ignore this E-Mail. I'd previously tried to raise an issue regarding requirements of a public_name in the ECHConfig in the mailing list [0], and when I didn't get much response there, even on Github [1], where I was further met by silence. I assumed this meant since I am not in the working group I am not allowed to participate in discussions, but seeing the "Last Call" I thought I'd try one last time. My concern relies around the fact that by requiring a public_name in the ECHConfig, and clients "SHOULD" pass it, means we are losing basically all the benefit we initially had with ESNI, since now some part is leaked anyway. This was not an issue in original ESNI. Although the draft allows for a client to not use this value, and/or for a server to not validate it ("SHOULD" rather than "MUST"), in practice all of the most popular clients (i.e. browsers) will probably end up using / sending it. We saw this for SNI, where even websites which don't need it (e.g. a very popular adult website), browsers will still send it, and this becomes a vector for censorship / blocking. If this requirement is unlikely to change, my question then becomes - it is "acceptable", as a website operator who does not wish to leak the domain name in the ECHOuter's plaintext SNI, to specify the "public_name" in the ECHConfig as something random (e.g. "example.com"), acknowledging the fact that as a server operator, I will disregard any value the client passes for the SNI in the ClientHello anyway? Or is there another recommended approach if I do not want the actual domain to be leaked on the wire. This is coming as an individual operator, with no CDNs to hide behind (e.g. `cloudflare-ech.com`). Lastly, I also struggle to understand the value of this field. From reading the RFC, it seems it is mostly only applicable if the server rejects ECH. I would think this happens if the server does not support ECH, and therefore should not have had an ECHConfig published anyway- or the client is unable to satsify the server's ECH requirements. In both cases, I would think it is on the client to fallback an purposely initiate a non-ECH TLS handshake, rather than "downgrade" the connection. Forgive me if I am missing something obvious, but as someone who used ESNI successfully back when it was in draft status, and was happy with no SNI being leaked, I am unhappy that it has returned. Regards, Raghu Saxena [0] https://mailarchive.ietf.org/arch/msg/tls/HUG1CU0Q4PorZ7fD0yafVfj7VUY/ [1] https://github.com/tlswg/draft-ietf-tls-esni/issues/572#issuecomment-1780859252 On 3/12/24 06:00, Joseph Salowey wrote: > This is the working group last call for TLS Encrypted Client Hello > [1]. Please indicate if you think the draft is ready to progress to > the IESG and send any comments to the list by 31 March 2024. The > comments sent by Watson Ladd to the list [2] on 17 February 2024 will > be considered last call comments. > > Thanks, > > Joe, Deirdre, and Sean > > [1] https://datatracker.ietf.org/doc/draft-ietf-tls-esni/ > [2] https://mailarchive.ietf.org/arch/msg/tls/XUCFuNBSQfSJclkhLW-14DZ0ETg/ > > > > _______________________________________________ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls
- [TLS] Working Group Last Call for ECH Joseph Salowey
- Re: [TLS] Working Group Last Call for ECH Rob Sayre
- Re: [TLS] Working Group Last Call for ECH Rob Sayre
- Re: [TLS] Working Group Last Call for ECH Christopher Patton
- Re: [TLS] Working Group Last Call for ECH Rob Sayre
- Re: [TLS] Working Group Last Call for ECH Watson Ladd
- Re: [TLS] Working Group Last Call for ECH Stephen Farrell
- Re: [TLS] Working Group Last Call for ECH Rob Sayre
- Re: [TLS] Working Group Last Call for ECH Stephen Farrell
- Re: [TLS] Working Group Last Call for ECH Salz, Rich
- Re: [TLS] Working Group Last Call for ECH Stephen Farrell
- Re: [TLS] Working Group Last Call for ECH Arnaud Taddei
- Re: [TLS] Working Group Last Call for ECH Loganaden Velvindron
- Re: [TLS] Working Group Last Call for ECH Martin Thomson
- Re: [TLS] Working Group Last Call for ECH Raghu Saxena
- Re: [TLS] Working Group Last Call for ECH 涛叔
- Re: [TLS] Working Group Last Call for ECH Watson Ladd
- Re: [TLS] Working Group Last Call for ECH Raghu Saxena
- Re: [TLS] Working Group Last Call for ECH Karthikeyan Bhargavan
- Re: [TLS] Working Group Last Call for ECH Christopher Patton
- Re: [TLS] Working Group Last Call for ECH 涛叔
- Re: [TLS] Working Group Last Call for ECH Dennis Jackson
- Re: [TLS] Working Group Last Call for ECH Eric Rescorla
- Re: [TLS] Working Group Last Call for ECH Karthikeyan Bhargavan
- Re: [TLS] Working Group Last Call for ECH A A
- Re: [TLS] Working Group Last Call for ECH Amir Omidi
- Re: [TLS] Working Group Last Call for ECH Eric Rescorla
- Re: [TLS] Working Group Last Call for ECH Raghu Saxena
- Re: [TLS] Working Group Last Call for ECH Raghu Saxena
- Re: [TLS] Working Group Last Call for ECH Eric Rescorla
- Re: [TLS] Working Group Last Call for ECH Salz, Rich
- Re: [TLS] Working Group Last Call for ECH Eric Rescorla
- Re: [TLS] Working Group Last Call for ECH Eric Rescorla
- Re: [TLS] Working Group Last Call for ECH John Mattsson
- Re: [TLS] Working Group Last Call for ECH Eric Rescorla
- Re: [TLS] Working Group Last Call for ECH Amir Omidi
- Re: [TLS] Working Group Last Call for ECH Raghu Saxena
- Re: [TLS] Working Group Last Call for ECH Eric Rescorla
- Re: [TLS] Working Group Last Call for ECH Sean Turner
- Re: [TLS] Working Group Last Call for ECH Joseph Salowey
- Re: [TLS] Working Group Last Call for ECH Russ Housley
- Re: [TLS] Working Group Last Call for ECH Stephen Farrell
- Re: [TLS] Working Group Last Call for ECH Russ Housley
- Re: [TLS] Working Group Last Call for ECH Sean Turner