On Thu, Dec 03, 2015 at 03:49:02AM +0000, Jacob Appelbaum wrote:

> > It is far from clear that the privacy gains anything in the form of
> > practical protection.  Having looked at it, I'm unconvinced.  And I've been
> > a privacy/crypto advocate for a very very long time.
> 
> I resolve DNS through Tor and so in that case, my TLS connections
> often exit over a different circuit. My TLS connection would not
> otherwise leak the host I'm requesting if the protocol had a way to
> protect that data. It doesn't. The protocol leak is the problem.

The most compelling argument for SNI encryption I took away from
this thread is the cheap opportunity for blocking traffic based on
cleartext SNI.  Of course SNI encryption can't help if the destination
IP address supports one or a very few related domains, but it could
help otherwise.

Of course nation-states willing to play hardball will work around
the problem, but they are doing that even without encrypted SNI.

[ Those of you on the crypto list will have seen the announcement
  about Kazakhstan mandating a national security certificate which
  must be installed on all customer devices that use the Internet... ]

-- 
        Viktor.

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
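The "cheap opportunity" Viktor refers to is that the server_name extension
sits in the first cleartext packet of the connection, so a middlebox can read
it with a few dozen lines of parsing and no cryptography at all. The following
is an added illustration, not code from the thread or from any IETF draft: it
builds a constructed TLS 1.2 ClientHello record (the hostname, cipher suites
and blocklist are made-up sample values) and then extracts the SNI from the raw
bytes the way a passive filter would, including the case where no SNI is
present and the case where the bytes are not a ClientHello at all.

```python
"""Pull the cleartext SNI out of a TLS ClientHello, the way a middlebox would.

Added example, not part of the original message. All sample data below is
constructed for illustration.
"""
import os
import struct
from typing import Optional

TLS_HANDSHAKE = 0x16
HANDSHAKE_CLIENT_HELLO = 0x01
EXT_SERVER_NAME = 0x0000
EXT_SUPPORTED_GROUPS = 0x000A
SNI_HOST_NAME = 0x00


def build_client_hello(hostname: Optional[str]) -> bytes:
    """Constructed sample: a minimal TLS 1.2 ClientHello record.

    Only the fields a parser must walk past are populated realistically.
    Pass hostname=None to omit the server_name extension entirely.
    """
    # A non-SNI extension first (supported_groups: x25519, secp256r1), so the
    # parser has to iterate rather than assume server_name comes first.
    groups = struct.pack("!HH", 0x001D, 0x0017)
    groups_body = struct.pack("!H", len(groups)) + groups
    extensions = struct.pack("!HH", EXT_SUPPORTED_GROUPS, len(groups_body)) + groups_body
    if hostname is not None:
        name = hostname.encode("ascii")
        entry = struct.pack("!BH", SNI_HOST_NAME, len(name)) + name
        sni_body = struct.pack("!H", len(entry)) + entry
        extensions += struct.pack("!HH", EXT_SERVER_NAME, len(sni_body)) + sni_body

    cipher_suites = struct.pack("!HH", 0xC02B, 0xC02F)  # two ECDHE suites
    body = (
        b"\x03\x03"                                   # client_version: TLS 1.2
        + os.urandom(32)                              # random
        + b"\x00"                                     # empty session_id
        + struct.pack("!H", len(cipher_suites)) + cipher_suites
        + b"\x01\x00"                                 # compression: null only
        + struct.pack("!H", len(extensions)) + extensions
    )
    handshake = bytes([HANDSHAKE_CLIENT_HELLO]) + len(body).to_bytes(3, "big") + body
    return struct.pack("!BHH", TLS_HANDSHAKE, 0x0301, len(handshake)) + handshake


def extract_sni(record: bytes) -> Optional[str]:
    """Return the host_name from the server_name extension, or None if absent.

    Raises ValueError for anything that is not a well-formed ClientHello record;
    a passive observer would treat that as "no decision possible".
    """
    if len(record) < 5 or record[0] != TLS_HANDSHAKE:
        raise ValueError("not a TLS handshake record")
    rec_len = struct.unpack("!H", record[3:5])[0]
    hs = record[5:5 + rec_len]
    if len(hs) < 4 or hs[0] != HANDSHAKE_CLIENT_HELLO:
        raise ValueError("not a ClientHello")
    hs_len = int.from_bytes(hs[1:4], "big")
    body = hs[4:4 + hs_len]
    if len(body) != hs_len:
        raise ValueError("truncated ClientHello")

    pos = 2 + 32                                  # skip client_version and random
    pos += 1 + body[pos]                          # session_id
    cs_len = struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2 + cs_len                             # cipher_suites
    pos += 1 + body[pos]                          # compression_methods
    if pos == len(body):
        return None                               # no extensions block at all
    ext_total = struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2
    end = pos + ext_total
    if end > len(body):
        raise ValueError("extensions overrun body")

    while pos + 4 <= end:
        ext_type, ext_len = struct.unpack("!HH", body[pos:pos + 4])
        pos += 4
        ext = body[pos:pos + ext_len]
        pos += ext_len
        if ext_type != EXT_SERVER_NAME:
            continue
        list_len = struct.unpack("!H", ext[0:2])[0]
        q, list_end = 2, 2 + list_len
        while q + 3 <= list_end:
            name_type, name_len = struct.unpack("!BH", ext[q:q + 3])
            q += 3
            if name_type == SNI_HOST_NAME:
                return ext[q:q + name_len].decode("ascii")
            q += name_len
    return None


def blocked_by_sni(record: bytes, blocklist: set) -> bool:
    """The cheap filter: decide from the first packet, with no decryption."""
    try:
        host = extract_sni(record)
    except ValueError:
        return False
    return host is not None and host.lower() in blocklist
```

Note what the filter does not need: no key material, no reassembly beyond the
first record, and no per-flow state. That is exactly why cleartext SNI is such
a convenient blocking handle, and also why the caveat in the message holds: if
the destination address fronts only one or two related names, the IP alone
gives the censor the same information and hiding the SNI buys nothing.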
