Hi, The charter from march 2022 states that one of the most important goal for the group is to identify and mitigate tracking and fingerprinting vectors.
I think this is an excellent goal. I can however not see any discussion or work except for ECH. Reading RFC8446bis it does not say much when it comes to tracking, fingerprinting, and privacy. As far as I can see the only thing that is discussed is client tracking based on ticket reuse. There are a lot of additional tracking and fingerprinting vectors in the Client Hello and Server Hello. - Tracking is also an issue for servers. IoT devices are often servers and by tracking the device you can often track the person owning the device. - Ticket reuse is just one example of psk identifier reuse, all psk identifier reuse has the same client and server tracking considerations. - Client reuse of key shares can be used to track the client. Server reuse of key shares can be used to track the server or to reveal the server name. - SNI can be used to track a server and most SNI (except very common ones) can be used to track a client. - Non-common values of max_fragment_length, supported_groups, signature_algorithms, application_layer_protocol_negotiation, etc. can be used to track a client with high probability. - The set of extentions in CH or SH might be used to track client or server with high probability. The fingerprinting vector does not need to be globally unique. An attacker often looks in a specific location, in a specific network, and at a specific time. Can also be correlated with fingerprints at other layers. ECH helps a bit by encrypting CH on the whole or part of the path but does not encrypt SH. Is there any possibility to also encrypt SH with ECH? How do we progress with this important goal for the group? I think RFC8446bis needs to be updated, but maybe an additional document would also be good? I would be willing to help with that. Cheers, John
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
