On Sat, Mar 7, 2015 at 10:43 AM, Phillip Hallam-Baker <[email protected]> wrote:
> I have been thinking about the TLS SNI hole again and I have a sketch that I
> think is quite practical for solving the issue.
>
> For the sake of argument, assume we are doing a TLS/2 which is a complete
> break with the past TLS protocol that removes most if not all the options in
> the current protocol and either eliminates them or makes them mandatory.
>
> So no more OCSP stapling option, if you are doing TLS/2, it is a
> requirement. The restart mechanism is MTI as well and has a mechanism to
> allow the crypto state to be offloaded to the server.

This change (SNI encryption) was already discussed in the TLS WG. I have no idea if by restart mechanism you mean resumption tickets, which are already widely supported.

> One hole that does raise privacy issues is Server Name Identification. If
> you have 200 web sites on a server, you don't want to have to burn an IPv4
> address for each one. So the DNS name of the server has to be passed in the
> TLS handshake before the encryption tunnel is established. That is a privacy
> hole.
>
> There are a few ways round this problem. But all the best ones involve
> passing some sort of key from the DNS server. But to make those work cleanly
> it is essential that TLS is layered on DNS and not the other way round.

Huh? It's entirely possible to have bootstrapping: a preset public key to encrypt data to the resolver is used to establish the TLS connection over which DNS queries are made to retrieve the public keys needed for other servers.

Sincerely,
Watson Ladd

> _______________________________________________
> dns-privacy mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/dns-privacy
>

--
"Those who would give up Essential Liberty to purchase a little Temporary Safety deserve neither Liberty nor Safety."
-- Benjamin Franklin
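The bootstrap order Watson describes, modelled end to end as an added example (this is not code from the thread or from any IETF draft). It assumes a toy Diffie-Hellman group chosen only so the arithmetic fits in a few lines, a constructed DNS zone in which a record carries the origin server's public key, and a simplified encrypt-then-MAC channel standing in for TLS; the only key the client starts with is the resolver's preset public key, and the hostname is checked against the full wire transcript to show it never travels in the clear.

```python
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman group, an assumption made for readability only: a real
# deployment would use a standard group (an RFC 7919 FFDHE group or X25519).
P = 2**127 - 1  # Mersenne prime M127, so every group element fits in 16 bytes
G = 3
KEYLEN = 16     # byte length of a serialized group element


def keygen():
    """Return a (private exponent, public value) DH pair."""
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)


def kdf(shared: int, label: bytes) -> bytes:
    """Derive a 32-byte session key from a DH shared secret (HKDF-style, one block)."""
    prk = hmac.new(b"toy-bootstrap-salt", shared.to_bytes(KEYLEN, "big"), hashlib.sha256).digest()
    return hmac.new(prk, label + b"\x01", hashlib.sha256).digest()


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC in counter mode as a stand-in stream cipher."""
    blocks = (length + 31) // 32
    out = b"".join(hmac.new(enc_key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
                   for i in range(blocks))
    return out[:length]


def seal(key: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: returns nonce || ciphertext || 16-byte tag."""
    enc_key = hashlib.sha256(key + b"enc").digest()
    mac_key = hashlib.sha256(key + b"mac").digest()
    nonce = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(plaintext, _keystream(enc_key, nonce, len(plaintext))))
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()[:16]
    return nonce + ct + tag


def open_box(key: bytes, blob: bytes) -> bytes:
    """Verify the tag before decrypting; raises ValueError on any modification."""
    enc_key = hashlib.sha256(key + b"enc").digest()
    mac_key = hashlib.sha256(key + b"mac").digest()
    nonce, ct, tag = blob[:16], blob[16:-16], blob[-16:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()[:16]
    if not hmac.compare_digest(tag, expected):
        raise ValueError("authentication failed")
    return bytes(a ^ b for a, b in zip(ct, _keystream(enc_key, nonce, len(ct))))


def client_session(static_pub: int, label: bytes):
    """Client side: ephemeral DH against a static public key it already trusts.
    Returns (ephemeral public value to put on the wire, session key)."""
    e_priv, e_pub = keygen()
    return e_pub.to_bytes(KEYLEN, "big"), kdf(pow(static_pub, e_priv, P), label)


def server_session(static_priv: int, label: bytes, e_pub_wire: bytes) -> bytes:
    """Holder of the static private key recovers the same session key."""
    return kdf(pow(int.from_bytes(e_pub_wire, "big"), static_priv, P), label)


def run_bootstrap(hostname: str):
    """Run the bootstrap end to end. Returns (name the origin server decrypted, wire transcript)."""
    # Setup. The resolver key is the one preset in the client; the origin
    # server's key is what the DNS answer carries (constructed zone data).
    resolver_priv, resolver_pub = keygen()
    server_priv, server_pub = keygen()
    zone = {hostname: server_pub}
    wire = []

    # 1. Client -> resolver: the DNS query inside a channel keyed from the preset key.
    e1, k_resolver = client_session(resolver_pub, b"resolver-channel")
    wire.append(e1 + seal(k_resolver, hostname.encode()))
    # 2. Resolver decrypts the query and answers with the server's public key
    #    over the same channel (both directions share the session key here).
    k_resolver_side = server_session(resolver_priv, b"resolver-channel", wire[-1][:KEYLEN])
    queried = open_box(k_resolver_side, wire[-1][KEYLEN:]).decode()
    wire.append(seal(k_resolver_side, zone[queried].to_bytes(KEYLEN, "big")))
    # 3. Client recovers the server key from the answer...
    learned_pub = int.from_bytes(open_box(k_resolver, wire[-1]), "big")
    # 4. ...and sends its SNI to the origin server encrypted under that key.
    e2, k_server = client_session(learned_pub, b"sni-channel")
    wire.append(e2 + seal(k_server, hostname.encode()))
    # 5. Origin server decrypts the SNI with its static private key.
    k_server_side = server_session(server_priv, b"sni-channel", wire[-1][:KEYLEN])
    seen = open_box(k_server_side, wire[-1][KEYLEN:]).decode()
    return seen, wire


def name_on_wire(wire, hostname: str) -> bool:
    """True if the hostname appears in cleartext in any transcript message."""
    needle = hostname.encode()
    return any(needle in msg for msg in wire)


def tamper_detected(key: bytes) -> bool:
    """Flip one ciphertext bit and confirm open_box rejects the message."""
    blob = bytearray(seal(key, b"example.test"))
    blob[16] ^= 0x01
    try:
        open_box(key, bytes(blob))
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    seen, wire = run_bootstrap("example.test")
    print("origin server saw:", seen, "| name in cleartext on wire:", name_on_wire(wire, "example.test"))
```

Note what the model does and does not buy: the hostname is hidden from anyone watching the path to the origin server, but the resolver necessarily learns it in step 2, so the design moves the disclosure to a party the client chose to trust (the one whose key it preset) rather than removing it. Authenticity of the answer in step 2 rests entirely on that preset key; if an attacker can substitute it, they can hand the client a key of their own in step 3.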
