On Fri, Jun 2, 2017 at 11:43 AM, Toerless Eckert <t...@cs.fau.de> wrote:

> Thanks, Benoit
>
> [hope it's ok. to cross-port and redirect replies to TLS]
>
> I have not followed TLS 1.3 in detail, so a quick question first:
>
> Will TLS 1.3 still permit servers to send their certificate and/or SNI in
> the clear as an option, or will it force server operators to encrypt
> either/or? If it does not permit server applications to indicate what to
> encrypt, then I would really love to know which shared web-hosters did
> explicitly express support for TLS 1.3.
>
> Use case: (I can't believe this hasn't been discussed _forever_, but I do
> not subscribe to TLS...)
>
> Operators of "client-side" networks want to be able to enforce policies
> which "web-services" their clients can communicate with.


Operators trying to do this by inspecting TLS (and not decrypting) are
going to have a bad time anyway.  With HTTP/2 connection coalescing, even
if they can see the certificate, the actual HTTP request could be for any
name in the certificate.  So there's nothing really gained by exposing the
certificate.

--Richard



> As soon as the IP address used to host a web-service runs multiple
> web-services (domain-names), this is today done by inspecting the TLS 1.2
> server certificate or SNI.
>
> Web hosters whose services do share IP addresses across domain names should
> be very interested to ensure such inspection works, because else a single
> misbehaving web-service they host will easily cause all their web-services
> to be blacklisted by any of the varied organizations that create blacklists:
> because blacklisting can then only be applied on a per-IP-address basis.
>
> Of course, IPv6 could make this need somewhat obsolete because there should
> be no reason to share IPv6 addresses across domain-names, but I am not aware
> what today's common practices are with IPv6 in this respect.
>
> Cheers
>     Toerless
>
> On Thu, Jun 01, 2017 at 04:38:46PM +0200, Benoit Claise wrote:
> > Dear all,
> >
> > You should be aware that the TLS list is debating encrypting SNI so
> > that the host name cannot be seen from TLS sessions.
> > https://www.ietf.org/mail-archive/web/tls/current/msg23251.htm
> >
> > If you're aware of valid (valid in the IETF-sense) operational
> > practices that require the host name visible, we should enter the
> > debate.
> >
> > Regards, Benoit
>
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
>
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
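As an added illustration of Richard's point (example code written for this page, not from the thread or any of its participants): a small model of HTTP/2 connection coalescing per RFC 7540 section 9.1.1, run as an audit over a constructed allow/block policy, DNS table and certificate SAN list, to show which blocked names an SNI-only check would let through on an allowed connection.

```python
# Added example, not from the thread: models HTTP/2 connection coalescing
# (RFC 7540 section 9.1.1) to audit an SNI/certificate-name based policy.
# A client may reuse a connection opened for one hostname for another when
# the certificate also covers it and it resolves to the connection's IP.
# All hostnames, IPs and the SAN list are constructed sample data.

def name_matches(pattern: str, host: str) -> bool:
    """RFC 6125-style certificate name match: a '*' is only accepted as the
    whole left-most label and stands for exactly one label."""
    pattern = pattern.lower().rstrip(".")
    host = host.lower().rstrip(".")
    if not pattern.startswith("*."):
        return pattern == host
    p_labels, h_labels = pattern.split("."), host.split(".")
    return len(p_labels) == len(h_labels) and p_labels[1:] == h_labels[1:]

def coalescable_hosts(san_names, dns, connection_ip, candidate_hosts):
    """Hostnames a client may legitimately send over a connection to
    `connection_ip` whose certificate carries `san_names`."""
    return sorted(
        h for h in candidate_hosts
        if any(name_matches(p, h) for p in san_names)
        and connection_ip in dns.get(h, ())
    )

def audit_policy(allowed_snis, blocked_hosts, san_names, dns):
    """For each allowed SNI, list the blocked hosts that could ride on the
    same coalesced connection, i.e. where SNI-based enforcement fails."""
    findings = {}
    for sni in allowed_snis:
        for ip in dns.get(sni, ()):
            leaked = coalescable_hosts(san_names, dns, ip, blocked_hosts)
            if leaked:
                findings.setdefault(sni, set()).update(leaked)
    return {sni: sorted(hosts) for sni, hosts in findings.items()}

# Constructed sample: one shared-hosting certificate, documentation IPs.
SAN_NAMES = ["www.example.com", "*.example.com", "cdn.example.net"]
DNS = {
    "www.example.com": ["192.0.2.10"],
    "bad.example.com": ["192.0.2.10"],    # same IP, covered by the wildcard
    "cdn.example.net": ["192.0.2.11"],    # covered, but a different IP
    "other.example.org": ["192.0.2.10"],  # same IP, not in the certificate
}
ALLOWED = ["www.example.com"]
BLOCKED = ["bad.example.com", "cdn.example.net", "other.example.org"]
```

Running `audit_policy(ALLOWED, BLOCKED, SAN_NAMES, DNS)` on the sample data reports that a connection allowed for `www.example.com` can also carry requests for the blocked `bad.example.com`, while the other two blocked names cannot be coalesced onto it.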
