On Wednesday, December 02, 2015 01:00:26 pm Salz, Rich wrote:
> Encrypted SNI doesn't give you the kind of protection you think that it does.
> We (me and a colleague) did a pretty thorough analysis that showed this. It
> was not a conclusion we expected, or wanted, to reach. It was presented at
> the TLS Interim before the IETF in Toronto. Slides should be online. (For
> example, the adversary will know the IP address or might not care about false
> positives, etc.)

URL from Rich's previous email citing this:
https://drive.google.com/file/d/0B8YgrWYHqacSV2hnZmR3VjJtRUk/view

Please don't brush this argument off in favor of the "obvious" answer that encrypted SNI is helpful. The sad truth is that it's a lot of effort with a lot of risk for virtually no gain. I was quite in favor of encrypted SNI before reading it, and I had to concede the point after. If we can come up with a way to do it easily, ok, but it's not an avenue worth spending too much time on.

Dave
