[TLS] Fwd: New Version Notification for draft-ietf-tls-sni-encryption-01.txt

Mon, 19 Feb 2018 12:08:27 -0800 

The main change in the new version of this draft is the addition of
"multi-protocol" requirements. Namely, hiding the SNI should also work
for protocols like DTLS or QUIC. Then, it would be nice if we could also
hide the ALPN, but that's somewhat less critical. After all, we could
run every application over h2...

-- Christian Huitema



-------- Forwarded Message --------
Subject:        New Version Notification for 
draft-ietf-tls-sni-encryption-01.txt
Date:   Mon, 19 Feb 2018 12:01:18 -0800
From:   internet-dra...@ietf.org
To:     Christian Huitema <huit...@huitema.net>, Eric Rescorla <e...@rtfm.com>



A new version of I-D, draft-ietf-tls-sni-encryption-01.txt
has been successfully submitted by Christian Huitema and posted to the
IETF repository.

Name:           draft-ietf-tls-sni-encryption
Revision:       01
Title:          SNI Encryption in TLS Through Tunneling
Document date:  2018-02-18
Group:          tls
Pages:          22
URL:            
https://www.ietf.org/internet-drafts/draft-ietf-tls-sni-encryption-01.txt
Status:         https://datatracker.ietf.org/doc/draft-ietf-tls-sni-encryption/
Htmlized:       https://tools.ietf.org/html/draft-ietf-tls-sni-encryption-01
Htmlized:       
https://datatracker.ietf.org/doc/html/draft-ietf-tls-sni-encryption-01
Diff:           
https://www.ietf.org/rfcdiff?url2=draft-ietf-tls-sni-encryption-01

Abstract:
   This draft describes the general problem of encryption of the Server
   Name Identification (SNI) parameter.  The proposed solutions hide a
   Hidden Service behind a Fronting Service, only disclosing the SNI of
   the Fronting Service to external observers.  The draft starts by
   listing known attacks against SNI encryption, discusses the current
   "co-tenancy fronting" solution, and then presents two potential TLS
   layer solutions that might mitigate these attacks.
   The first solution is based on TLS in TLS "quasi tunneling", and the
   second solution is based on "combined tickets".  These solutions only
   require minimal extensions to the TLS protocol.

                                                                                
  


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat


_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls

Reply via email to