On 12/3/15, Martin Thomson <martin.thom...@gmail.com> wrote: > There are a lot of inaccuracies in that presentation, so I wouldn't > pin too much on it. >
I'm not pinning too much on it and I was surprised by the amount it was suggested would win me over. I actually went in thinking that I'd be crushed and concede; imagine my surprise! > In any case, before we all get too excited about this, there are some > solutions, I've seen a write-up of one of them, but it was a little > hard to follow first time around. Some of the things that are > described as impossible aren't that hard to fix. On the flip site, it > doesn't provide a fully general solution. The question up for debate seems to be if we should bother and I think that yes, we should bother. I spent some time today thinking about solutions for encrypting not only SNI but also other headers. It isn't entirely clear how to solve this problem in a few cases - but especially in the case of a repeated visit or a site that has an HSTS entry, I can see a few ways to protect the information. > > Expect to see something very soon. Until then, I don't think that an > in-depth on what isn't even at a straw-man level of detail is that > helpful. We need details before we can say whether the cost-benefit > makes sense. Where is the design actually happening? I know a few cryptographers who are interested in the design process. All the best, Jacob _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
