Re: [TLS] New Draft: Using DNS to set the SNI explicitly
Ilari Liusvaara <ilariliusvaara@welho.com> Fri, 10 March 2017 11:24 UTC
Return-Path: <ilariliusvaara@welho.com>
X-Original-To: tls@ietfa.amsl.com
Delivered-To: tls@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A733412988D for <tls@ietfa.amsl.com>; Fri, 10 Mar 2017 03:24:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, RP_MATCHES_RCVD=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id AzrDPIGLXsNP for <tls@ietfa.amsl.com>; Fri, 10 Mar 2017 03:24:23 -0800 (PST)
Received: from welho-filter4.welho.com (welho-filter4.welho.com [83.102.41.26]) by ietfa.amsl.com (Postfix) with ESMTP id ABD47129890 for <tls@ietf.org>; Fri, 10 Mar 2017 03:24:23 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by welho-filter4.welho.com (Postfix) with ESMTP id 0535E22EFC; Fri, 10 Mar 2017 13:24:21 +0200 (EET)
X-Virus-Scanned: Debian amavisd-new at pp.htv.fi
Received: from welho-smtp1.welho.com ([IPv6:::ffff:83.102.41.84]) by localhost (welho-filter4.welho.com [::ffff:83.102.41.26]) (amavisd-new, port 10024) with ESMTP id dTiRCIhxwhPP; Fri, 10 Mar 2017 13:24:19 +0200 (EET)
Received: from LK-Perkele-V2 (87-92-51-204.bb.dnainternet.fi [87.92.51.204]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by welho-smtp1.welho.com (Postfix) with ESMTPSA id 6B66FC4; Fri, 10 Mar 2017 13:17:39 +0200 (EET)
Date: Fri, 10 Mar 2017 13:17:32 +0200
From: Ilari Liusvaara <ilariliusvaara@welho.com>
To: Martin Rex <mrex@sap.com>
Message-ID: <20170310111732.GA825@LK-Perkele-V2.elisa-laajakaista.fi>
References: <CAHbrMsA=Wk+6U+yLvtY-TNaYbt-UYy4u9+m2fgBSsvF9Es491Q@mail.gmail.com> <20170310082541.4112D1A63F@ld9781.wdf.sap.corp>
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Disposition: inline
In-Reply-To: <20170310082541.4112D1A63F@ld9781.wdf.sap.corp>
User-Agent: Mutt/1.5.23 (2014-03-12)
Sender: ilariliusvaara@welho.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/yNcR_KY8vTd3HPxhVMebmIjTOiQ>
Cc: "<tls@ietf.org>" <tls@ietf.org>
Subject: Re: [TLS] New Draft: Using DNS to set the SNI explicitly
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 10 Mar 2017 11:24:26 -0000
On Fri, Mar 10, 2017 at 09:25:41AM +0100, Martin Rex wrote: > > You don't understand the purpose of SNI and how the (already weak) > rfc2818 section 3.1 server endpoint identification and CABrowser Forum > public CA Domain validation has been designed to work. SNI has extremely little to do with public CA domain validation, except for special validation certificate selection in some methods. Out of 10 standard methods, only 2 would encounter any problems at all if SNI didn't work (test certificate and random value via certificate). And methods using these two presumably both use SNI and don't map it. Certainly, the only known instantiations of "random value via certificate", which are the TLS-SNI validations from ACME specify SNI to be sent. And the values it sends are permanently NXDOMAIN in DNS. And RFC2818 preceedes SNI by about three years, so it can not have been designed to rely on SNI. > Wordpress.com isn't using SNI at all, so the ultimate solution > would be for the client to entirely omit SNI from ClientHello. > > wordpress itself could achieve just the same by using URLs > of the kind > > blogs.wordpress.com/blogname with a cert issued to blogs.wordpress.com > > rather than > > blogname.wordpress.com with a cert issued to *.wordpress.com Nope. That proveds no isolation between blogs. So any way to compromise one would compromise them all. With separate host per blog, you at least avoid the undefendable cross- blog exploits. You still have the cookie exploits, but those can be defended against. And if one adds the base domain to PSL (e.g. like Blogspot (Google)) one doesn't have cookie exploits either. > Btw. your adversary will see the cleartext DNS lookup prior to the > TLS handshake, and tell accesses to multiple different blogs apart by > looking at the size of the responses. DNS over TLS (TCP/853). EDNS0 padding. Both have PS RFCs. -Ilari
- [TLS] New Draft: Using DNS to set the SNI explici… Ben Schwartz
- Re: [TLS] New Draft: Using DNS to set the SNI exp… Ilari Liusvaara
- Re: [TLS] New Draft: Using DNS to set the SNI exp… Salz, Rich
- Re: [TLS] New Draft: Using DNS to set the SNI exp… Ben Schwartz
- Re: [TLS] New Draft: Using DNS to set the SNI exp… Ben Schwartz
- Re: [TLS] New Draft: Using DNS to set the SNI exp… Christian Huitema
- Re: [TLS] New Draft: Using DNS to set the SNI exp… Salz, Rich
- Re: [TLS] New Draft: Using DNS to set the SNI exp… Ben Schwartz
- Re: [TLS] New Draft: Using DNS to set the SNI exp… Yoav Nir
- Re: [TLS] New Draft: Using DNS to set the SNI exp… Richard Barnes
- Re: [TLS] New Draft: Using DNS to set the SNI exp… Ben Schwartz
- Re: [TLS] New Draft: Using DNS to set the SNI exp… Ben Schwartz
- Re: [TLS] New Draft: Using DNS to set the SNI exp… Ben Schwartz
- Re: [TLS] New Draft: Using DNS to set the SNI exp… Martin Rex
- Re: [TLS] New Draft: Using DNS to set the SNI exp… Ben Schwartz
- Re: [TLS] New Draft: Using DNS to set the SNI exp… Martin Rex
- Re: [TLS] New Draft: Using DNS to set the SNI exp… Ilari Liusvaara
- Re: [TLS] New Draft: Using DNS to set the SNI exp… Martin Rex
- Re: [TLS] New Draft: Using DNS to set the SNI exp… Ryan Sleevi
- Re: [TLS] New Draft: Using DNS to set the SNI exp… Ilari Liusvaara
- Re: [TLS] New Draft: Using DNS to set the SNI exp… Viktor Dukhovni
- Re: [TLS] New Draft: Using DNS to set the SNI exp… Dave Garrett