On 3/22/2020 3:23 PM, Stephen Farrell wrote: > Hiya, > > I was wondering what I wanted to say about this, until... > > On 22/03/2020 22:16, Eric Rescorla wrote: >> I think we should relax this requirement. It's turning out to be hard >> enough to design ECHO as-is. >> >> If/when we get ECHO fully designed and widely deployed, we can then try to >> find designs which use the same basic design but are more stealthy. >> >> Trying to fix everything at once makes the best the enemy of the good. > Yeah, that's about right. Well said. > > I very much like the idea of working on a more-stealthy > mode later. > > I think we might be able to go even further in terms > of simplifying ECHO in various ways that can make it > easier to implement and deploy now without affecting > the security properties/analysis. (I think I've whined > about those on the list before but can regurgitate if > useful:-)
I agree with Stephen. If we have a solid & verified spec, let's deploy it. Then conduct an effort to mitigate the sticking out problem. I can see a number of plausible ways to do that. Greasing is one. Actually using the extension even for sites that have just one SNI, but want to hide usage of multiple ALPN. In the case of QUIC, using the extension to negotiate a secret and protect the Initial packets. If everybody does it, the cost of blocking becomes very large. -- Christian Huitema
signature.asc
Description: OpenPGP digital signature
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
