I suggest calling out ESNI specifically as a reason to not log the
SNI in the security considerations, e.g. via:

OLD:

   In a few
   circumstances, a new Additional-registered-clause might disclose
   information to a recipient that was otherwise unavailable.

NEW:

   In a few
   circumstances, a new Additional-registered-clause might disclose
   information to a recipient or other actor (via data leaks) that
   was otherwise unavailable. In particular, if the SNI value was
   encrypted in the TLS handshake [ESNI] then logging is NOT
   RECOMMENDED.

[ESNI] would point at draft-ietf-tls-esni

Even if this isn't a big leak, I think it's still worth preserving
a way in which SNIs don't leak - if the TLS client and server and
the TLS client's DNS setup (and maybe the TLS server's too) are all
such that we've not leaked the SNI in any of those places, then I
think we're better off if we can avoid leaking it here.

There have been real data leaks of mails where metadata like
this has been revealing [1] and we can't tell in general if some
new bit of data might be correlated with something else later.

Cheers,
S.

[1] https://labs.rs/en/metadata/

On 24/01/2019 19:56, John R Levine wrote:
> Apropos of recent discussions about SNI logging, here's a draft that
> adds an SNI clause to Received: headers, and per Chris Newman's
> suggestion, changes the registry criteria to Expert Review so you don't
> need to publish an RFC merely to register a new clause.
> 
> Regards,
> John Levine, [email protected], Taughannock Networks, Trumansburg NY
> Please consider the environment before reading this e-mail. https://jl.ly
> 
> ---------- Forwarded message ----------
> Date: Thu, 24 Jan 2019 14:44:52
> From: [email protected]
> 
> A new version of I-D, draft-levine-additional-registered-clauses-00.txt
> has been successfully submitted by John Levine and posted to the
> IETF repository.
> 
> Name:        draft-levine-additional-registered-clauses
> Revision:    00
> Title:        Update to Additional Registered Clauses in SMTP Received
> Headers
> Document date:    2019-01-24
> Group:        Individual Submission
> Pages:        4
> URL:           https://www.ietf.org/internet-drafts/draft-levine-additional-registered-clauses-00.txt
> Status:        https://datatracker.ietf.org/doc/draft-levine-additional-registered-clauses/
> Htmlized:      https://tools.ietf.org/html/draft-levine-additional-registered-clauses-00
> Htmlized:      https://datatracker.ietf.org/doc/html/draft-levine-additional-registered-clauses
> 
> 
> 
> Abstract:
>    SMTP servers add Received: trace headers to mail messages to track
>    their progress. This document updates the registration criteria for
>    Additional Registered Clauses in those headers to Expert Review, and
>    adds a new clause for Server Name Indication (SNI).
> 
> _______________________________________________
> Uta mailing list
> [email protected]
> https://www.ietf.org/mailman/listinfo/uta
> 
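Added example for this thread (not code from John's draft or from either
mail): a Received: header builder that applies the rule proposed above,
writing an SNI clause only when the client sent the name in cleartext, plus
a small parser that checks whether a header carries a logged SNI. The
clause keyword "sni", the HandshakeInfo record and the hostnames are
assumptions made for the example, not syntax from the draft; the header
otherwise follows the RFC 5321 from/by/with/id ';' date-time layout, with
additional clauses as "atom string" pairs before the semicolon.

```python
"""Added example for this thread (not code from the draft or either poster):
a Received: header builder that records the SNI clause only when the name
was sent in cleartext, plus a parser that checks a header for a logged SNI.

Assumptions, all hypothetical: the clause keyword "sni", the HandshakeInfo
record, and the example hostnames below."""
from dataclasses import dataclass
from datetime import datetime, timezone
from email.utils import format_datetime
from typing import List, Optional, Tuple


@dataclass
class HandshakeInfo:
    """Summary of the inbound TLS handshake as an MTA might hand to its trace-header code."""
    protocol: str                # e.g. "TLSv1.3"
    cipher: str                  # negotiated cipher suite
    server_name: Optional[str]   # SNI the client asked for, if any
    encrypted_sni: bool          # True when the name arrived encrypted (ESNI/ECH)


def additional_clauses(hs: HandshakeInfo) -> List[Tuple[str, str]]:
    """Additional-Registered-Clauses (RFC 5321 'atom string' pairs) for this session.

    A name the client deliberately encrypted is not written into the header:
    the trace header outlives the connection and is copied to every later hop.
    """
    clauses: List[Tuple[str, str]] = []
    if hs.server_name and not hs.encrypted_sni:
        clauses.append(("sni", hs.server_name))  # hypothetical clause keyword
    return clauses


def build_received(helo: str, client_ip: str, by_host: str, msg_id: str,
                   hs: HandshakeInfo, when: Optional[datetime] = None) -> str:
    """Return one RFC 5321 time-stamp line: From-domain By-domain Opt-info ';' date-time."""
    when = when or datetime.now(timezone.utc)
    parts = [f"from {helo} ([{client_ip}])", f"by {by_host}", "with ESMTPS", f"id {msg_id}"]
    parts += [f"{atom} {value}" for atom, value in additional_clauses(hs)]
    return "Received: " + " ".join(parts) + "; " + format_datetime(when)


def logged_sni(header: str) -> Optional[str]:
    """Pull the value of an 'sni' clause back out of a Received: header, or None."""
    stamp, _, _date = header.partition(";")
    tokens = stamp.split()
    for i in range(len(tokens) - 1):
        if tokens[i] == "sni":
            return tokens[i + 1]
    return None


# Constructed sample sessions: a shared MX serving a hosted domain, where the
# SNI (not the MX's own name) is what reveals which customer was contacted.
CLEARTEXT_SNI = HandshakeInfo("TLSv1.3", "TLS_AES_256_GCM_SHA384",
                              "mail.customer.example", encrypted_sni=False)
ENCRYPTED_SNI = HandshakeInfo("TLSv1.3", "TLS_AES_256_GCM_SHA384",
                              "mail.customer.example", encrypted_sni=True)

if __name__ == "__main__":
    for hs in (CLEARTEXT_SNI, ENCRYPTED_SNI):
        print(build_received("smtp.sender.example", "192.0.2.10",
                             "mx1.provider.example", "4k7Qz", hs))
```

The shared-MX setup is deliberate: the "by" clause names the provider's
relay either way, so it is the SNI clause alone that would tie the message
to the hosted customer domain, which is exactly the correlation the mail
above is worried about.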
