[TLS] Fwd: New Version Notification for draft-belyavskiy-fakesni-00.txt

2019-02-19 Thread Dmitry Belyavsky
Hello, Please take a look at an initial submission of the draft. The draft describes a Fake SNI mechanism intended to cheat DPI systems in a case when a DPI system blocks the connection if ESNI is present. -- Forwarded message - From: Date: Tue, Feb 19, 2019 at 10:43 PM Subject:

[TLS] I-D Action: draft-ietf-tls-subcerts-03.txt

2019-02-19 Thread internet-drafts
A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Transport Layer Security WG of the IETF. Title : Delegated Credentials for TLS Authors : Richard Barnes Subodh Iyengar

[TLS] Fwd: New Version Notification for draft-ietf-tls-subcerts-03.txt

2019-02-19 Thread Nick Sullivan
TLSWG, We've posted draft -03 of the Delegated Credentials draft. It includes some editorial improvements (thanks Christopher Patton) and two changes discussed on the list: 1) fixing the text around covering the credential in the signature 2) removing the TLS version from the structure We hope to

[TLS] Negotiated Finite Field Diffie-Hellman shared secret calculation

2019-02-19 Thread Andrey Jivsov
Greetings. it's unclear to me how is the shared secret g^xy calculated for groups in https://tools.ietf.org/html/rfc7919 . If you recall, the TLS 1.1 uses this method the https://tools.ietf.org/html/rfc4346#section-8.1.2 , causing some interoperability problems that are hard to fix. The RFC 7919

Re: [TLS] Fwd: New Version Notification for draft-belyavskiy-fakesni-00.txt

2019-02-19 Thread Peter Gutmann
Dmitry Belyavsky writes: >The draft describes a Fake SNI mechanism intended to cheat DPI systems in a >case when a DPI system blocks the connection if ESNI is present. Since this mechanism advertises the fact that a fake SNI is present, wouldn't the DPI then also block the connection for that?

Re: [TLS] Fwd: New Version Notification for draft-belyavskiy-fakesni-00.txt

2019-02-19 Thread Dmitry Belyavsky
Dear Peter, On Wed, Feb 20, 2019 at 6:43 AM Peter Gutmann wrote: > Dmitry Belyavsky writes: > > >The draft describes a Fake SNI mechanism intended to cheat DPI systems in > a > >case when a DPI system blocks the connection if ESNI is present. > > Since this mechanism advertises the fact that a

Re: [TLS] Fwd: New Version Notification for draft-belyavskiy-fakesni-00.txt

2019-02-19 Thread Peter Gutmann
​Dmitry Belyavsky writes: >Fake SNI is delivered out-of-band for the handshake But then won't the DPI check the out-of-band source as well? If you've got a MITM sitting there then they can do the same lookups and whatnot that the client does, unless you're relying on the client being off-path,

Re: [TLS] Fwd: New Version Notification for draft-belyavskiy-fakesni-00.txt

2019-02-19 Thread Dmitry Belyavsky
On Wed, Feb 20, 2019 at 10:21 AM Peter Gutmann wrote: > Dmitry Belyavsky writes: > > >Fake SNI is delivered out-of-band for the handshake > > But then won't the DPI check the out-of-band source as well? If you've > got a > MITM sitting there then they can do the same lookups and whatnot that th