Yes, and this concern is covered well by the draft in GitHub, imho.

thanks,
Rob
On Mon, Nov 25, 2019 at 7:33 PM Christian Huitema <huit...@huitema.net> wrote:
> Actually there is one use case in which the anonymity set is size 1 --
> mobile servers. The name of the mobile server cannot be deduced from its
> temporary address. It can also not be deduced from the ESNI. But it can be
> deduced from the record digest. The mobile server who wants to maintain
> privacy will want to use ESNI without a record digest, at the cost of
> course of trial decryption.
>
> -- Christian Huitema
>
> On 11/26/2019 4:37 AM, Rob Sayre wrote:
> > You're right, this is all there in the draft. It's just scattered around a
> > bit, and "anonymity set" is used only once and not defined.
> >
> > I filed an issue https://github.com/tlswg/draft-ietf-tls-esni/issues/204
> > in case the editors want to consolidate text on this concern.
> >
> > thanks,
> > Rob
> >
> > On Mon, Nov 25, 2019 at 11:25 AM Ben Schwartz <bem...@google.com> wrote:
> >> The record_digest, like the ESNIConfig itself, is intended to be constant
> >> across all domains that form an anonymity set (i.e. O(1) ESNIConfigs per
> >> CDN). Thus, the record_digest reveals no additional information to an
> >> onlooker who can observe the server IP.
> >>
> >> On Mon, Nov 25, 2019 at 2:03 PM Rob Sayre <say...@gmail.com> wrote:
> >>> Hi,
> >>>
> >>> I see the issue of tracking and blocking via record_digest has come up a
> >>> few times in the github repository, but I don't understand the resolution.
> >>>
> >>> If someone wanted to observe or block traffic to "example.com",
> >>> couldn't they retrieve the ESNI keys, calculate the record_digest
> >>> themselves, and then use that to spot traffic to "example.com"?
> >>>
> >>> Is the idea that DNS providers will vary the shared keys?
> >>>
> >>> thanks,
> >>> Rob
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
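The two points made in this thread, that record_digest leaks nothing beyond the anonymity set formed by names sharing one ESNIConfig, and that a server with an anonymity set of size 1 pays for omitting the digest with trial decryption, can be seen in a small simulation. This is an added example, not code from the thread or the draft: the DNS data and config bytes are constructed, the digest is a plain SHA-256 stand-in for the draft's cipher-suite hash of ESNIKeys, and the XOR-plus-HMAC "encryption" is a toy stand-in for the draft's AEAD.

```python
import hashlib
import hmac

# Constructed sample data, not from the thread: the ESNIConfig bytes each
# name publishes in DNS. CDN-hosted names share one config (O(1) configs per
# CDN); the mobile server publishes its own, so its anonymity set is size 1.
DNS_ESNI = {
    "example.com":    b"cdn-config-v1",
    "shop.example":   b"cdn-config-v1",
    "news.example":   b"cdn-config-v1",
    "mobile.example": b"mobile-config-v1",
}

def record_digest(config: bytes) -> bytes:
    # Simplification: the draft hashes ESNIKeys with the cipher suite's hash.
    return hashlib.sha256(config).digest()

def anonymity_set(digest: bytes) -> set:
    """What an onlooker learns: every name whose published config hashes to
    the observed record_digest (the onlooker fetches the configs from DNS
    and recomputes the digest exactly as the client did)."""
    return {n for n, c in DNS_ESNI.items() if record_digest(c) == digest}

def _keystream(config: bytes, n: int) -> bytes:
    return hashlib.shake_256(b"toy-esni-key" + config).digest(n)

def encrypt_sni(config: bytes, sni: str, send_digest: bool) -> dict:
    """Toy ESNI: XOR keystream plus a MAC so a wrong key is detectable.
    Stands in for the draft's AEAD; not its actual construction."""
    ct = bytes(a ^ b for a, b in zip(sni.encode(), _keystream(config, len(sni))))
    tag = hmac.new(config, ct, "sha256").digest()[:8]
    return {"record_digest": record_digest(config) if send_digest else None,
            "ct": ct, "tag": tag}

def server_decrypt(configs: list, hello: dict):
    """Server holding several ESNIConfigs. With a digest it looks up the one
    config directly; without it, it trial-decrypts under every config.
    Returns (decrypted SNI or None, number of configs tried)."""
    candidates = configs
    if hello["record_digest"] is not None:
        candidates = [c for c in configs if record_digest(c) == hello["record_digest"]]
    for tried, cfg in enumerate(candidates, 1):
        tag = hmac.new(cfg, hello["ct"], "sha256").digest()[:8]
        if hmac.compare_digest(tag, hello["tag"]):
            ks = _keystream(cfg, len(hello["ct"]))
            return bytes(a ^ b for a, b in zip(hello["ct"], ks)).decode(), tried
    return None, len(candidates)
```

For the CDN names the digest maps to the same three-name set an observer already gets from the server IP, while the mobile server's digest maps to exactly one name; omitting the digest makes the server try every config it holds.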