Re: [TLS] TLS and middleboxes again

Yaron Sheffer <> Thu, 01 September 2011 07:01 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 5322F21F87D6 for <>; Thu, 1 Sep 2011 00:01:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: -103.599
X-Spam-Status: No, score=-103.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id AqS3QqjOzpxr for <>; Thu, 1 Sep 2011 00:01:42 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 52FF021F87C9 for <>; Thu, 1 Sep 2011 00:01:42 -0700 (PDT)
Received: by wyg8 with SMTP id 8so1250610wyg.31 for <>; Thu, 01 Sep 2011 00:03:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;; s=gamma; h=message-id:date:from:user-agent:mime-version:to:cc:subject :references:in-reply-to:content-type:content-transfer-encoding; bh=xM1cIYZXs/101vs4FNcNGjnt0l0wU2KrPz7IJrFeQ2g=; b=LJ8iZm6/IJRTgZQIva8xuSHGuFc6lxRJtAjLUhLXnIzoi1PPX2XXDZ7pz2vKgjfKBl 9fSFCggEY7PkkyIITfa1Kub04gVyaWEX/sFxoJsHZA1AKme7vqiiZhqy5ScEIw3P0NvP XJprOxRUg+fp0FUi6suLRsyRr2qbGHwo2GOMc=
Received: by with SMTP id k4mr1239975wbc.21.1314860593879; Thu, 01 Sep 2011 00:03:13 -0700 (PDT)
Received: from [] ( []) by with ESMTPS id fy13sm250530wbb.5.2011. (version=SSLv3 cipher=OTHER); Thu, 01 Sep 2011 00:03:13 -0700 (PDT)
Message-ID: <>
Date: Thu, 01 Sep 2011 10:03:10 +0300
From: Yaron Sheffer <>
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:6.0) Gecko/20110812 Thunderbird/6.0
MIME-Version: 1.0
To: Yoav Nir <>
References: <> <> <>
In-Reply-To: <>
Content-Type: text/plain; charset=windows-1252; format=flowed
Content-Transfer-Encoding: 7bit
Cc: "" <>
Subject: Re: [TLS] TLS and middleboxes again
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Thu, 01 Sep 2011 07:01:43 -0000

DNS is not crossing any protocol layers, but I agree your proposal is 

Adding a time-to-live to the alert/announcement (with e.g. max 1 hour) 
would probably solve the problem.


On 09/01/2011 09:07 AM, Yoav Nir wrote:
> On Aug 31, 2011, at 10:39 PM, Yaron Sheffer wrote:
>> Here's a suggestion to avoid the records that announce the proxy. It's
>> not ideal, but it may be easier to implement/deploy than an intrusive proxy.
>> We could use some sort of discovery mechanism to detect the presence of
>> the proxy. Then the client queries the proxy for its certificate hash
>> (with a well known URL), and you can assume the proxy will in fact be
>> there. The discovery process itself is *not* security-sensitive, and we
>> can use caching.
>> Two options are PAC ( and
>> and DNS
>> SRV records. The former is commonly deployed in enterprises, the latter
>> is much simpler to standardize and implement, and architecturally cleaner.
> All these involve a potentially lengthy discovery process, and more inter-layer communications than I'd like.
> The common use case for a middlebox is for when I'm "inside" the company perimeter. In the place where I work, there's WLAN reception on all floors, but none in the stairwell. Going upstairs with a smartphone involves roaming from the WLAN to the 3G network and back to the WLAN. As far as the middlebox is concerned, you're going from "inside" to "outside" and back "inside".
> There is an obvious way for discovery: the client sends hashes of the middlebox certificates in the extension. If the middlebox hash is missing, the middlebox will interfere by sending an alert with its hash and a URL for getting its certificate. The harder question is how to discover that the proxy is gone (or rather, off-path). It's not quite as important, because sending encrypted keys to a non-existant middlebox should not cause a lot of damage, but we don't want to keep accumulating middleboxes.