Re: [TLS] Tonight's Encrypted SNI Hangout Session

2017-11-15 Thread Sean Turner
> On Nov 14, 2017, at 00:00, Tom Ritter wrote:
>
>> Side question, it feels like this effort could represent a lot of work and
>> require a lot of dedicated cycles. Does it make sense to continue this
>> effort inside of the TLS WG? If it does, will the WG give us the time,
>> mindshare, and cy

Re: [TLS] Tonight's Encrypted SNI Hangout Session

2017-11-14 Thread Flemming Andreasen
Please see https://www.ietf.org/id/draft-camwinget-tls-use-cases-00.txt for some example use case scenarios impacted by encrypted SNI. As Ekr subsequently pointed out, it would be useful to make a distinction between conformant and non-conformant use case scenarios (which we plan to do in the

Re: [TLS] Tonight's Encrypted SNI Hangout Session

2017-11-13 Thread Bret Jordan
Great comments and feedback. Thank you.

Bret

Sent from my Commodore 128D
PGP Fingerprint: 63B4 FC53 680A 6B7D 1447 F2C0 74F8 ACAE 7415 0050

> On Nov 14, 2017, at 10:43 AM, Yoav Nir wrote:
>
>> On 14 Nov 2017, at 0:00, Tom Ritter wrote:
>>
>> Are you also interested in collecting r

Re: [TLS] Tonight's Encrypted SNI Hangout Session

2017-11-13 Thread Yoav Nir
> On 14 Nov 2017, at 0:00, Tom Ritter wrote:
>
> Are you also interested in collecting reports of where SNI is used to
> censor? Or the list of network vendors that support filtering and
> manipulating traffic based on the value?

I don’t think naming and shaming is a goal here.

> In general,

Re: [TLS] Tonight's Encrypted SNI Hangout Session

2017-11-13 Thread Bret Jordan
What I think I am more worried about right now is jumping in to designing a technological solution before we know and understand what is going to break and is a solution going to actually solve the perceived problem(s) or make them worse. Technological changes do not always make things better. Ope

Re: [TLS] Tonight's Encrypted SNI Hangout Session

2017-11-13 Thread Salz, Rich
Look at Christian’s draft, it captures the use-case(s) and trade-offs pretty well.

Re: [TLS] Tonight's Encrypted SNI Hangout Session

2017-11-13 Thread Christian Huitema
On 11/13/2017 11:11 AM, Ilari Liusvaara wrote:
> And yes, genuine encrypted SNI could be somewhat nasty for routing
> before terminating TLS. And if one tries to simply use public-key
> encryption, AFAICT, all the known ways are either slower than
> ECDH-ES or have much larger size overhead (heck,

Re: [TLS] Tonight's Encrypted SNI Hangout Session

2017-11-13 Thread Ilari Liusvaara
On Mon, Nov 13, 2017 at 01:45:51PM -0500, David P wrote:
>
> > On Nov 13, 2017, at 12:55 PM, Ilari Liusvaara
> > wrote:
> >
> >> On Mon, Nov 13, 2017 at 09:28:23PM +0800, Bret Jordan wrote:
> >>
> >> 3) We need to compile a list of use cases and scenarios in a draft document
> >> that talk abo

Re: [TLS] Tonight's Encrypted SNI Hangout Session

2017-11-13 Thread David P
New here. What about a use case (for SNI) of different teams (or budgets) procuring certificates for different sites housed on either the same server, or at least in the same data center behind the same load balancing device? And SNI being used at a gateway, or entry point to that enterprise’s

Re: [TLS] Tonight's Encrypted SNI Hangout Session

2017-11-13 Thread Ilari Liusvaara
On Mon, Nov 13, 2017 at 09:28:23PM +0800, Bret Jordan wrote:
>
> 3) We need to compile a list of use cases and scenarios in a draft document
> that talk about how the SNI (for good or for bad) is being used today and
> what an encrypted SNI will mean for these use cases.

What I think SNI is mainl

Re: [TLS] Tonight's Encrypted SNI Hangout Session

2017-11-13 Thread Tom Ritter
On 13 November 2017 at 07:28, Bret Jordan wrote:
> All,
>
> We had a great turnout tonight for the encrypted SNI hangout session.
> Everyone seemed open and willing to work together to understand the
> complexities that sit before us. Several interesting and important views
> were expressed, and I

[TLS] Tonight's Encrypted SNI Hangout Session

2017-11-13 Thread Bret Jordan
All, We had a great turnout tonight for the encrypted SNI hangout session. Everyone seemed open and willing to work together to understand the complexities that sit before us. Several interesting and important views were expressed, and I feel that the meeting was ultimately a success. In fact, I b