Re: [TLS] 115 Proposal - ECH, server-side deploy risks and trade-offs

On Tue, Oct 18, 2022 at 9:58 AM Marwan Fayed wrote: > 1. At large-operator scale, where SNI is used to block instead IP, > outer-SNI forces 'over-blocking' such that large swathes of the > Internet will be unreachable to many. (I'm purposefully ignoring > IP-specific matters to focus on ECH,

Re: [TLS] 115 Proposal - ECH, server-side deploy risks and trade-offs

Thank you for the followon post. Now I understand what you are saying. I disagree, but at least I understand :) >1. At large-operator scale, where SNI is used to block instead IP, outer-SNI forces 'over-blocking' such that large swathes of the Internet will be unreachable to many.

Re: [TLS] 115 Proposal - ECH, server-side deploy risks and trade-offs

Hi Rich, These are great questions, and no problem at all. Admittedly I've attempted to be perhaps too diplomatic, since the topic is sensitive _and_ I'm an unknown to many in the wg. Also thanks to the replies that have come in while composing this reply. [Minor] Fair point on theorem vs axiom,

Re: [TLS] 115 Proposal - ECH, server-side deploy risks and trade-offs

On 18/10/2022 16:36, Ben Schwartz wrote: On the topic of smaller hosts: not every IETF specification is equally useful to everyone, and this is fine. ECH provides more benefit when applied to large hosts, but it doesn't_reduce_ privacy for anyone, so it is safe to deploy on essentially any

Re: [TLS] 115 Proposal - ECH, server-side deploy risks and trade-offs

Hi Marwan, You seem to be concerned that the ECH Public Name might reveal information that is not already disclosed by the destination IP, in cases where the use of a certain IP address by a certain operator is not otherwise known to the observer in question. This is true! In ECH the correct

Re: [TLS] 115 Proposal - ECH, server-side deploy risks and trade-offs

may be made > public. > > Thanks > > Andrew > > > From: TLS On Behalf Of Marwan Fayed > Sent: Tuesday, October 18, 2022 3:01 PM > To: tls@ietf.org > Subject: Re: [TLS] 115 Proposal - ECH, server-side deploy risks and trade-offs > > Folks, > >

Re: [TLS] 115 Proposal - ECH, server-side deploy risks and trade-offs

>Permit me to be direct: There are sound technical reasons that the current design of outer-SNI may achieve the exact opposite of what ECH sets out to do and/or, quite possibly, that outer-SNI has an adverse effect on the health of the Internet ecosystem. Marwan, I find it

Re: [TLS] 115 Proposal - ECH, server-side deploy risks and trade-offs

acknowledge that written, audio, video, and photographic records of meetings may be made public. Thanks Andrew From: TLS On Behalf Of Marwan Fayed Sent: Tuesday, October 18, 2022 3:01 PM To: tls@ietf.org Subject: Re: [TLS] 115 Proposal - ECH, server-side deploy risks and trade-offs Folks

Re: [TLS] 115 Proposal - ECH, server-side deploy risks and trade-offs

Folks, A personal opening set of words for the public audience: The comments below are not for public use outside the mailing list without discussion or consent; it would be far too easy to take these words out of context for use by special interests. A big thanks for the thoughtful replies. The

Re: [TLS] 115 Proposal - ECH, server-side deploy risks and trade-offs

Hi, Ben, > On Oct 13, 2022, at 22:35, Ben Schwartz > wrote: > > On Thu, Oct 13, 2022 at 8:58 AM Marwan Fayed > > wrote: > ... >> There are really only two ways to populate the outer-SNI. One way is a >> fixed name that easily identifies the content

Re: [TLS] 115 Proposal - ECH, server-side deploy risks and trade-offs

On Thu, Oct 13, 2022 at 2:59 PM Christian Huitema wrote: > Of course, competent filters and censors would just switch > to checking IP addresses, but some may not be that competent, and the > number of IP addresses to analyze may end up to be very large. But > mostly, saying nothing feels better

Re: [TLS] 115 Proposal - ECH, server-side deploy risks and trade-offs

On 10/13/2022 5:57 AM, Salz, Rich wrote: I am curious why you think they will be left behind. ECH support is coming to open source TLS stacks, and many DNS servers are already able to allow custom RRsets. There is a tension between privacy and concentration. Privacy mechanisms like ECH

Re: [TLS] 115 Proposal - ECH, server-side deploy risks and trade-offs

TL;DR: I suggest you consider hosting a side meeting at IETF 115 in London. >**Short setup**: There is more attention than ever on Internet operations from non-Internet governance and, in this context, it is possible that ECH presents a greater risk to the Internet than benefit,

Re: [TLS] 115 Proposal - ECH, server-side deploy risks and trade-offs

I agree with what Ben said, but in particular this: On 13/10/2022 15:35, Ben Schwartz wrote: I do think we have a lot to learn about the operational challenges of deploying ECH, but our discussion about that should be driven by technical reports from deployments, not speculation about

Re: [TLS] 115 Proposal - ECH, server-side deploy risks and trade-offs

On Thu, Oct 13, 2022 at 8:58 AM Marwan Fayed wrote: ... > There are really only two ways to populate the outer-SNI. One way is a > fixed name that easily identifies the content operator, e.g. > ‘operator-ech.com’. In that case, the number of packets with the fixed > outer SNI is sufficiently