On 11/13/2013 01:16 AM, Martin Thomson wrote:
> On 12 November 2013 08:12, Ted Hardie <[email protected]> wrote:
>> The DNS query tells you which resource was the target even if the HTTP flow
>> was protected by TLS.
>
> In practice, since server name indication is sent in the clear, even
> this doesn't help. Unless you are running a browser from 2001, you
> are sending SNI.
>
> That said, SNI may be pushed into an encrypted payload in TLS 1.3.
> The challenge there is that servers often use SNI to select what
> credentials to offer.
Actually, I think that's maybe interestingly illustrative of some of the non-crypto issues we face. The converse argument was just made on the TLS list yesterday to the effect that there's no point in TLS 1.3 (or a TLS 1.2 extension) encrypting SNI because it's the same as the obviously cleartext DNS query in many cases. (Not in all cases, due to VPNs, but that's not the point.)

I think there are at least two credible choices for how one regards attempts to counter traffic analysis: 1) give up, it's too hard, and going to get worse no matter what we try to do, or 2) try to chip away at the problem as and when we can in the hope we eventually do make it better. There are probably more as well, but I'm for (2) even though I can understand those who think (1) is much more practical.

Or maybe I just hate giving up;-)

S.

_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
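The point in the quoted exchange, that the server name sits in the clear in the TLS ClientHello where any on-path observer (or your own network monitoring) can read it without a key, is easy to see with a small parser. The following is an added example and is not code from this thread or from any IETF document: it constructs a minimal TLS 1.2 ClientHello carrying a server_name extension (the `build_client_hello` helper and its sample hostname are this example's own) and then reads the hostname back out of the raw bytes the same way a passive observer or NIDS would.

```python
import struct

SNI_EXT_TYPE = 0x0000  # server_name extension type (RFC 6066)


def build_client_hello(hostname, random_bytes=b"\x11" * 32):
    """Construct a minimal TLS 1.2 ClientHello record.

    This is constructed sample input for the example, not a capture.
    Pass hostname=None to build a ClientHello with no extensions block.
    """
    cipher_suites = b"\xc0\x2f"  # TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
    body = (
        b"\x03\x03"                                   # client_version
        + random_bytes                                # 32-byte random
        + b"\x00"                                     # session_id length 0
        + struct.pack("!H", len(cipher_suites)) + cipher_suites
        + b"\x01\x00"                                 # compression_methods: null only
    )
    if hostname is not None:
        name = hostname.encode("ascii")
        server_name = b"\x00" + struct.pack("!H", len(name)) + name   # name_type 0 = host_name
        server_name_list = struct.pack("!H", len(server_name)) + server_name
        sni_ext = struct.pack("!HH", SNI_EXT_TYPE, len(server_name_list)) + server_name_list
        body += struct.pack("!H", len(sni_ext)) + sni_ext
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body      # handshake type 1 = client_hello
    return b"\x16\x03\x03" + struct.pack("!H", len(handshake)) + handshake


def extract_sni(record):
    """Return the host_name from a TLS ClientHello record, or None if absent.

    Everything read here is plaintext: no key material is needed, which is
    exactly why SNI leaks the destination even when the HTTP flow is inside TLS.
    """
    try:
        if len(record) < 5 or record[0] != 0x16:          # not a handshake record
            return None
        rec_len = struct.unpack("!H", record[3:5])[0]
        hs = record[5:5 + rec_len]
        if len(hs) < 4 or hs[0] != 0x01:                  # not a ClientHello
            return None
        hs_len = int.from_bytes(hs[1:4], "big")
        body = hs[4:4 + hs_len]
        pos = 2 + 32                                      # skip client_version + random
        sid_len = body[pos]
        pos += 1 + sid_len                                # skip session_id
        cs_len = struct.unpack("!H", body[pos:pos + 2])[0]
        pos += 2 + cs_len                                 # skip cipher_suites
        cm_len = body[pos]
        pos += 1 + cm_len                                 # skip compression_methods
        if pos + 2 > len(body):
            return None                                   # no extensions block at all
        ext_total = struct.unpack("!H", body[pos:pos + 2])[0]
        pos += 2
        end = pos + ext_total
        while pos + 4 <= end:
            ext_type, ext_len = struct.unpack("!HH", body[pos:pos + 4])
            pos += 4
            data = body[pos:pos + ext_len]
            pos += ext_len
            if ext_type != SNI_EXT_TYPE or len(data) < 5:
                continue
            list_len = struct.unpack("!H", data[:2])[0]
            entries = data[2:2 + list_len]
            i = 0
            while i + 3 <= len(entries):
                name_type = entries[i]
                name_len = struct.unpack("!H", entries[i + 1:i + 3])[0]
                name = entries[i + 3:i + 3 + name_len]
                if name_type == 0:                        # host_name
                    return name.decode("ascii", errors="replace")
                i += 3 + name_len
        return None
    except (IndexError, struct.error):
        return None                                       # truncated or malformed record


if __name__ == "__main__":
    hello = build_client_hello("example.com")             # constructed sample hostname
    print("observed SNI:", extract_sni(hello))
    print("no extensions:", extract_sni(build_client_hello(None)))
```

Running the block prints the hostname recovered from the raw ClientHello bytes and `None` for a ClientHello that carries no extensions, which is the only case (essentially a pre-SNI client) in which the observer has to fall back on the DNS query to learn the destination.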
