Actually there is one use case in which the anonymity set is size 1 --
mobile servers. The name of the mobile server cannot be deduced from its
temporary address. It can also not be deduced from the ESNI. But it can
be deduced from the record digest. The mobile server who wants to
maintain privacy
Yes, and this concern is covered well by the draft in GitHub, imho.
thanks,
Rob
On Mon, Nov 25, 2019 at 7:33 PM Christian Huitema
wrote:
> Actually there is one use case in which the anonymity set is size 1 --
> mobile servers. The name of the mobile server cannot be deduced from its
>
On Thursday, 21 November 2019 07:35:09 CET, Rob Sayre wrote:
On Wed, Nov 20, 2019 at 10:25 PM David Schinazi
wrote:
Hi Rob,
The SHOULD from your point (1) is there to address Daniel's concern about
IoT.
Is the idea that excess tickets would be wasteful? I think that's true, but
I would
I support this effort, and would like to point out that we have recently
published a paper [1] and a collection of tools [2] to automatically
verify the security (non malleability) of binary message formats, which
we successfully applied to all of TLS [3] (which revealed many small
On Wed, Nov 20, 2019 at 10:20 PM David Schinazi
wrote:
> Hi folks,
>
> I've chatted with Daniel and Chris offline, and I think there might
> have been some miscommunication here. Please allow me to
> rephrase what I think is going on, and please let me know if
> this accurately represents your
On Sun, Nov 24, 2019 at 10:46 PM Rob Sayre wrote:
> Hi,
>
> This client now interoperates with Cloudflare and the https://defo.ie
> copy of OpenSSL. It's tri-licensed under the Apache 2, MIT, and ISC
> licenses. It won't be merged until draft-06 is out, at a minimum.
>
>
The IESG has received a request from the Transport Layer Security WG (tls) to
consider the following document: - 'TLS Certificate Compression'
as Proposed Standard
The IESG plans to make a decision in the next few weeks, and solicits final
comments on this action. Please send substantive
Draft minutes are available here:
https://github.com/tlswg/wg-materials/blob/master/ietf106/minutes.md
Thanks to Tommy and Joe for taking notes! Please send edits to the list or
chairs as needed.
Best,
Chris
___
TLS mailing list
TLS@ietf.org
Hi,
I see the issue of tracking and blocking via record_digest has come up a
few times in the github repository, but I don't understand the resolution.
If someone wanted to observe or block traffic to "example.com", couldn't
they retrieve the ESNI keys, calculate the record_digest themselves,
You're right, this is all there in the draft. It's just scattered around a
bit, and "anonymity set" is used only once and not defined.
I filed an issue https://github.com/tlswg/draft-ietf-tls-esni/issues/204 in
case the editors want to consolidate text on this concern.
thanks,
Rob
On Mon, Nov
Hi Hannes,
My reading is that only compression/decompression applies to our case.
Fragmentation is optional and only concerns ipv6. I did not intent to make
the comment at an inappropriate time, but if so, please consider it when it
is appropriate.
Yours,
Daniel
On Thu, Nov 21, 2019 at 10:34 PM
11 matches
Mail list logo
