Re: [TLS] Possible blocking of Encrypted SNI extension in China

2020-08-10 Thread Christopher Wood
On Sun, Aug 9, 2020, at 8:31 PM, Peter Gutmann wrote: > From the writeups I've seen, what they're blocking is TLS 1.3, not ESNI. > Since ESNI can be de-anonymised with a high degree of success (see various > conference papers on this) For the benefit of the list, would you mind sharing these ref

Re: [TLS] Possible blocking of Encrypted SNI extension in China

2020-08-10 Thread David Fifield
On Sun, Aug 09, 2020 at 11:15:25PM -0700, Christian Huitema wrote: > > On 8/9/2020 8:31 PM, Peter Gutmann wrote: > > From the writeups I've seen, what they're blocking is TLS 1.3, not ESNI. > > Please check David Fifield's message above in the thread. The research > that he quoted is quite spec

Re: [TLS] Possible blocking of Encrypted SNI extension in China

2020-08-10 Thread Salz, Rich
David, thanks for the detailed note. I just want to confirm that we haven't seen plain TLS 1.3 blocked either. We use it for our server-server traffic. ___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls

[TLS] Conclusion of the Adoption Call for draft-wang-opsec-tls-proxy-bp

2020-08-10 Thread Jen Linkova
The call for adoption for draft-wang-opsec-tls-proxy-bp has ended. The chairs believe that there is insufficient support and no consensus to adopt this document as an OpSec WG document. During the adoption call there were a number of comments on the document scope and technical details the documen

Re: [TLS] Possible blocking of Encrypted SNI extension in China

2020-08-10 Thread Peter Gutmann
Christopher Wood writes: >For the benefit of the list, would you mind sharing these references? I handwaved this one because I don't catalogue these things and didn't want to try and re-locate every preprint, paper, and report that's drifted across my desk in the last 6-12 months to try and find

Re: [TLS] Possible blocking of Encrypted SNI extension in China

2020-08-10 Thread Christian Huitema
On 8/10/2020 9:26 PM, Peter Gutmann wrote: > Christopher Wood writes: > >> For the benefit of the list, would you mind sharing these references? > I handwaved this one because I don't catalogue these things and didn't want to > try and re-locate every preprint, paper, and report that's drifted ac

Re: [TLS] Possible blocking of Encrypted SNI extension in China

2020-08-10 Thread Peter Gutmann
Christian Huitema writes: >Fingerprinting is a real issue but from the reports, this is not what is >happening here. Sure, I was just pointing out that they're using the brute-force approach now but presumably at some point will stop blocking when they've implemented a way to bypass it. My gues

Re: [TLS] Possible blocking of Encrypted SNI extension in China

2020-08-10 Thread Rob Sayre
On Mon, Aug 10, 2020 at 10:33 PM Peter Gutmann wrote: > Christian Huitema writes: > > >Fingerprinting is a real issue but from the reports, this is not what is > >happening here. > > Sure, I was just pointing out that they're using the brute-force approach > now > but presumably at some point wi

Re: [TLS] Possible blocking of Encrypted SNI extension in China

2020-08-10 Thread Peter Gutmann
Rob Sayre writes: >Do you think this fingerprinting will work with the newer ECH design, if the >client can add arbitrary content to the encrypted payload? ECH doesn't have any effect on web site fingerprinting so unless I've misunderstood your question the answer would be "N/A". Peter. __

Re: [TLS] Possible blocking of Encrypted SNI extension in China

2020-08-10 Thread Rob Sayre
On Mon, Aug 10, 2020 at 10:58 PM Peter Gutmann wrote: > Rob Sayre writes: > > >Do you think this fingerprinting will work with the newer ECH design, if > the > >client can add arbitrary content to the encrypted payload? > > ECH doesn't have any effect on web site fingerprinting so unless I've >

Re: [TLS] Possible blocking of Encrypted SNI extension in China

2020-08-10 Thread Christian Huitema
On 8/10/2020 11:14 PM, Rob Sayre wrote: > On Mon, Aug 10, 2020 at 10:58 PM Peter Gutmann wrote: > > Rob Sayre writes: > > >Do you think this fingerprinting will work with the newer ECH > design, if the > >client can add