> On Oct 23, 2017, at 1:39 PM, Christian Huitema <huit...@huitema.net> wrote:
>
>> So while there is just one default certificate serving each of the
>> millions of hosted domains, the SNI would leak the exact name of
>> each domain.
>
> Maybe add a discussion of this specific privacy issue in the draft? It
> looks like the leak could be avoided by writing the records differently.
> Do we understand why Microsoft and maybe others do that? Is there some
> kind of tension between management and privacy?
Perhaps they want to be able to locate the MX hosts for some customer domains in a different datacentre based on customer requirements. I don't know whether traffic for "nist.gov" and "taipei.gov.tw" transits the same servers, there could be demand for keeping both "on-shore".

Certainly, if SNI is deemed useful, some discussion might be warranted in security considerations. But we're not yet discussing whether on balance SNI (to support vanity domains with virtual-hosting cert selection) does more good than harm for MTA-to-MTA SMTP. Once there's some perspective on whether SNI is sufficiently useful to be desirable, we can ask whether the cost of that justifies the privacy "leak".

In other words, who's depending on SNI to vend the right certificate on port 25 inbound MX hosts? Is their use case compelling? We know that vanity names are used, but they seem mostly cosmetic. And even (as with Microsoft) when an MX host has multiple names, all the names match the same certificate (wildcard or multiple SANs), so an actual hard requirement for SNI is not yet obvious to me.

I was hoping that some folks on this list would have some real operational perspective, but so far I am the only one posting data about actual deployments. Perhaps the folks at Google, Microsoft, ... would contact their operations and support teams and get a sense of whether SMTP servers with multiple chains selected by SNI is something they find they need to support.

Exim actually supports server-side SNI (mostly for port 587 I expect), perhaps Jeremy could comment on whether Exim users make real use of this to host multiple virtual TLS MX hosts for port 25, and would really not want to just consolidate on a single MX hostname.

In other words, where's the data that makes it possible to understand whether SNI is actually useful, or mostly just an auto-pilot design to look like virtual-hosting with HTTPS where the requirements are very different.

-- 
Viktor.

P.S. Some may notice that I failed to do the necessary research on this for RFC7672, and just assumed that SNI might be needed and chose to require it, just in case. Sorry about that... At the time I wanted above all else to maximize the chance that an advertised TLSA record would match, and SNI could hypothetically be needed. I did not consider proscribing such a dependency. The same questions should have applied.

_______________________________________________
Uta mailing list
Uta@ietf.org
https://www.ietf.org/mailman/listinfo/uta
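The operational question in the message above is whether every name an MX host answers to is already covered by one certificate (a wildcard or multiple SANs), in which case the server has nothing to select with SNI. The following is an added example, not code from the thread or from any MTA; it applies RFC 6125-style dNSName matching (exact match, or a single left-most "*" label matching exactly one hostname label) to a certificate's SAN list and reports which MX names would be left uncovered. The SAN lists and MX names are constructed for illustration. Note that this is a PKIX-style name check; under RFC 7672 with DANE-EE(3) usage the server name is not checked at all, so that case is out of scope here.

```python
"""Report which MX host names are not covered by a single certificate's
SAN list. Added example with constructed data; not from the thread."""

from typing import Iterable, List


def normalize(name: str) -> str:
    # DNS names are case-insensitive and a trailing dot denotes the same FQDN.
    return name.rstrip(".").lower()


def hostname_matches(pattern: str, hostname: str) -> bool:
    """RFC 6125-style dNSName matching.

    Either the names are equal, or the pattern is "*.<domain>" and the
    wildcard stands for exactly one label of the hostname. A wildcard does
    not match the parent domain itself, nor more than one label, nor a
    bare public suffix such as "*.com".
    """
    pattern = normalize(pattern)
    hostname = normalize(hostname)
    if pattern == hostname:
        return True
    p_labels = pattern.split(".")
    h_labels = hostname.split(".")
    # Only an entire left-most label may be a wildcard, and it must sit
    # under at least two further labels ("*.example.com", not "*.com").
    if p_labels[0] != "*" or len(p_labels) < 3:
        return False
    if len(p_labels) != len(h_labels):
        return False
    return p_labels[1:] == h_labels[1:]


def uncovered_names(san_names: Iterable[str], mx_names: Iterable[str]) -> List[str]:
    """Return the MX host names that no SAN dNSName entry matches.

    An empty result means one certificate already serves every name the
    host is reached by, so there is nothing for SNI to choose between.
    A non-empty result is the case where either SNI-based chain selection
    or consolidation onto one MX hostname would be needed.
    """
    sans = list(san_names)
    return [mx for mx in mx_names
            if not any(hostname_matches(s, mx) for s in sans)]


# Constructed scenario 1: a hosted-mail provider whose cert carries the
# shared MX name plus a wildcard for per-customer names under its own zone.
PROVIDER_SANS = ["mx.example.net", "*.mail.example.net"]
PROVIDER_MX_NAMES = ["mx.example.net", "customer-1.mail.example.net",
                     "Customer-2.Mail.Example.NET."]

# Constructed scenario 2: the same cert, but one customer points its MX at
# a vanity name in its own zone, which the provider's wildcard cannot cover.
VANITY_MX_NAMES = PROVIDER_MX_NAMES + ["mail.customer-vanity.example"]


def scenario_report() -> dict:
    """Run both constructed scenarios and return the uncovered names."""
    return {
        "shared_zone_only": uncovered_names(PROVIDER_SANS, PROVIDER_MX_NAMES),
        "with_vanity_name": uncovered_names(PROVIDER_SANS, VANITY_MX_NAMES),
    }


if __name__ == "__main__":
    for label, missing in scenario_report().items():
        status = "single cert suffices" if not missing else f"uncovered: {missing}"
        print(f"{label}: {status}")
```

Run against a real deployment, the SAN list would come from the certificate the MX host actually presents and the MX names from the DNS of the domains it hosts; the wildcard rules above are the reason a "*.mail.example.net" entry covers per-customer names in the provider's zone but never a customer's own vanity domain.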