Re: [TLS] SNI from CDN to Origin (was I-D Action: draft-ietf-tls-sni-encryption-08.txt)

Eric Rescorla <ekr@rtfm.com> Thu, 10 October 2019 18:08 UTC

In-Reply-To: <CAChr6SznAYZDHFPNHX8Uoyo-Fnx8_uMxCOda1zf37Cxnb5A4WQ@mail.gmail.com>
From: Eric Rescorla <ekr@rtfm.com>
Date: Thu, 10 Oct 2019 11:07:59 -0700
Message-ID: <CABcZeBPoyb5sF+ddH8OU_78eJF5sD2df-+ScHRb1xTYhHRHS0w@mail.gmail.com>
To: Rob Sayre <sayrer@gmail.com>
Cc: "Salz, Rich" <rsalz@akamai.com>, "TLS@ietf.org" <tls@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/yvpAhjyn6O0KnesF36DLqo06v3s>

On Wed, Oct 9, 2019 at 10:16 PM Rob Sayre <sayrer@gmail.com> wrote:

> On Wed, Oct 9, 2019 at 8:06 PM Eric Rescorla <ekr@rtfm.com> wrote:
>
>>
>>> I don't think that's quite what I'm proposing. I'm proposing
>>> (optionally) sending the SNI with a client certificate.
>>>
>>
>> What are you trying to accomplish by doing that?
>>
>
> I want to keep the SNI encrypted in TLS hops that use client certificates,
> but where ESNI won't work.
>
> For example, how is the SNI transmitted in the parens here:
>
> [ Client ] -----> (ESNI) -----> [ CDN ] -----> (???) -----> [ Origin ]
>
> I don't think a DNS-based solution like ESNI will work for that second
> hop, because the origin tends to be identified by an IP address rather than
> a domain name.
>

I feel like we're perhaps talking past each other, so I'm going to start
back at the beginning.

In the ordinary case of Client -> Origin or Client -> CDN, the SNI
principally serves to tell the server which origin the client wants and
thus which certificate to serve. For this reason, it has to go in the CH.

In the case of CDN -> Origin, it seems like SNI could serve the same
purpose (say that the origin server is hosting multiple servers), in which
case it seems like the same requirements apply. OTOH, if the origin server
just hosts one origin, then you could potentially have the SNI delivered
later (as you suggest), but then why have SNI delivered at all?

What am I missing?
-Ekr







> thanks,
> Rob
>
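Added illustration (not part of this thread or of the SNI-encryption draft) of the point Ekr makes above: the server_name extension rides in the ClientHello because the server has to pick a certificate before it can send anything, and a hop to an origin identified only by an IP literal carries no SNI at all. The host names and the certificate table are constructed for the example, and the ClientHello is a minimal TLS 1.3-shaped message, not a full handshake.

```python
import struct
from typing import Optional

def build_client_hello(sni: Optional[str], client_random: bytes = b"\x11" * 32) -> bytes:
    """Minimal TLS 1.3-shaped ClientHello handshake message with an optional server_name extension."""
    exts = b""
    if sni is not None:
        host = sni.encode("idna")
        name = b"\x00" + struct.pack("!H", len(host)) + host  # name_type host_name(0) + HostName
        snl = struct.pack("!H", len(name)) + name             # ServerNameList (RFC 6066)
        exts = struct.pack("!HH", 0, len(snl)) + snl          # extension_type server_name(0)
    body = (
        b"\x03\x03" + client_random                # legacy_version, random
        + b"\x00"                                  # legacy_session_id: empty
        + struct.pack("!H", 2) + b"\x13\x01"       # cipher_suites: TLS_AES_128_GCM_SHA256
        + b"\x01\x00"                              # compression_methods: null only
        + struct.pack("!H", len(exts)) + exts
    )
    return b"\x01" + struct.pack("!I", len(body))[1:] + body  # HandshakeType(1) + uint24 length

def parse_sni(handshake: bytes) -> Optional[str]:
    """Return the host_name carried in a ClientHello, or None if there is no server_name extension."""
    if handshake[0] != 1:
        raise ValueError("not a ClientHello")
    p = 4 + 2 + 32                                 # handshake header, legacy_version, random
    p += 1 + handshake[p]                          # legacy_session_id
    (cs_len,) = struct.unpack_from("!H", handshake, p); p += 2 + cs_len
    p += 1 + handshake[p]                          # compression_methods
    (ext_len,) = struct.unpack_from("!H", handshake, p); p += 2
    end = p + ext_len
    while p < end:
        etype, elen = struct.unpack_from("!HH", handshake, p); p += 4
        if etype == 0:                             # server_name
            q = p + 2                              # skip ServerNameList length
            if handshake[q] == 0:                  # name_type host_name
                (hlen,) = struct.unpack_from("!H", handshake, q + 1)
                return handshake[q + 3:q + 3 + hlen].decode("idna")
        p += elen
    return None

# Constructed table (hypothetical names) of which certificate a multi-origin server presents per SNI.
CERTS = {"a.example": "cert-a.pem", "b.example": "cert-b.pem"}

def select_cert(handshake: bytes, default: Optional[str] = None) -> Optional[str]:
    """Certificate choice has to happen here, at ClientHello time; `default` models a single-origin server."""
    sni = parse_sni(handshake)
    if sni is None:
        return default  # e.g. CDN -> origin by IP literal: RFC 6066 forbids IP literals in HostName, so no SNI
    return CERTS.get(sni)
```

The unencrypted ClientHello bytes contain the host name verbatim, which is the on-path exposure ESNI addresses on the first hop; on an SNI-less hop the server can only fall back to its default certificate.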