Hi Nico,
On 15/12/2018 02:53, Nico Williams wrote:
> OpenSSL extracts and uses SNI from session resumption tickets.
>
> This gave Viktor Dukhovni and Matt Caswell an idea that I'll relay here
> on their behalf.
I agree this is worth exploring, though am not sure if it'd be
better in the end. (I
On Fri, Dec 14, 2018 at 9:48 PM Nico Williams wrote:
> On Fri, Dec 14, 2018 at 08:01:35PM -0800, Eric Rescorla wrote:
> > On Fri, Dec 14, 2018 at 6:54 PM Nico Williams
> wrote:
> > > OpenSSL extracts and uses SNI from session resumption tickets.
> > > This gave Viktor Dukhovni and Matt Caswell a
> On Dec 15, 2018, at 8:08 AM, Stephen Farrell
> wrote:
>
> I don't see any point in considering the variant with the easy
> active attack though;
For the record the easy MiTM attack requires on-path TCP termination,
only discloses the SNI name, and the full handshake then fails. It
looks t
Hiya,
On 15/12/2018 20:00, Viktor Dukhovni wrote:
>
>
>> On Dec 15, 2018, at 8:08 AM, Stephen Farrell
>> wrote:
>>
>> I don't see any point in considering the variant with the easy
>> active attack though;
>
> For the record the easy MiTM attack requires on-path TCP termination,
> only disc
[ After this comment, stepping back for a while, I want to hear what others
think about the general shape of the alternative... ]
> On Dec 15, 2018, at 3:40 PM, Stephen Farrell
> wrote:
>
>> For opportunistic discovery, yes also DNS, but the DNS record would
>> just hold a stable indication o
On Sat, Dec 15, 2018 at 12:41 PM Stephen Farrell
wrote:
> If browsers found one of the schemes attractive and the other
> not, that'd I think be a winning argument - unfortunately, but
> realistically, that'd win all arguments about trade-offs in
> terms of potential for privacy improvement.
>
I
On Sat, Dec 15, 2018 at 12:01 PM Viktor Dukhovni
wrote:
>
>
> > On Dec 15, 2018, at 8:08 AM, Stephen Farrell
> wrote:
> >
> > I don't see any point in considering the variant with the easy
> > active attack though;
>
> For the record the easy MiTM attack requires on-path TCP termination,
> only