Just to be clear, I didn't say that ECH is a kind of phishing. What I said was that DGA and ECH share a common goal of hiding malicious traffic.
As to RFC8744, I don't see any consensus on desirability there. What I see is an informational RFC explaining the history of SNI, the fact that it has been used for reasons other than its original intent, explanations for rejecting many ill-advised SNI encryption proposals (omitting the current one that was not yet on the table), and ending with the correct statement "Replacing cleartext SNI transmission by an encrypted variant will break or reduce the efficacy of the operational practices and techniques implemented in middleboxes". In fact, other than the vague statements that SNI is PROBABLY included in metadata collection by pervasive surveillance actors, and that encrypted SNI helps thwart unanticipated (but not necessarily negative) usages, I don't see any explanation, let alone consensus.

Y(J)S

-----Original Message-----
From: Stephen Farrell <stephen.farr...@cs.tcd.ie>
Sent: Thursday, July 3, 2025 4:57 PM
To: Yaakov Stein <yst...@allot.com>; <tls@ietf.org> <tls@ietf.org>
Subject: Re: [TLS] FW: New Version Notification for draft-stein-tls-ech-considered-harmful-00.txt

On 03/07/2025 14:51, Yaakov Stein wrote:
> Stephen,
>
> ECH is not yet another confidentiality feature.

We disagree.

> TLS already provides perfectly good user content confidentiality.

The IETF reached consensus on the desirability of this back in 2020 via RFC8744.

> ECH is more akin to DNS tunneling or phishing based on domain names that look
> correct.

Phishing? That's quite the stretch - so much so I think it quite breaks your argument;-)

> It is yet another method of hiding malicious traffic.

ECH and TLS have nothing to say about whether traffic is good or bad.

As I said, I think this is just regurgitating old arguments, so I don't plan to continue arguing, unless/until I see something new, which (other than a claim that ECH==phishing;-), I've not.

Cheers,
S.

>
> Y(J)S
>
> -----Original Message-----
> From: Stephen Farrell <stephen.farr...@cs.tcd.ie>
> Sent: Thursday, July 3, 2025 4:24 PM
> To: Yaakov Stein <yst...@allot.com>; <tls@ietf.org> <tls@ietf.org>
> Subject: Re: [TLS] FW: New Version Notification for
> draft-stein-tls-ech-considered-harmful-00.txt
>
>
> Hiya,
>
> On 02/07/2025 15:43, Yaakov Stein wrote:
>> Just in case anyone missed this ...
>
> I see nothing new or noteworthy in the text. It's the same set of arguments
> emitted whenever there's the prospect that some new protocol confidentiality
> feature looks like it may get to be widely deployed.
>
> It mostly reminds me of a meeting I was at where (mobile) telcos
> (loudly:-) predicted the sky would fall because youtube had turned on https.
> The sky didn't fall.
>
> Cheers,
> S.
>
> This message is intended only for the designated recipient(s). It may contain
> confidential or proprietary information. If you are not the designated
> recipient, you may not review, copy or distribute this message. If you have
> mistakenly received this message, please notify the sender by a reply e-mail
> and delete this message. Thank you.

_______________________________________________
TLS mailing list -- tls@ietf.org
To unsubscribe send an email to tls-le...@ietf.org
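The RFC 8744 sentence quoted above is about what a cleartext-SNI middlebox loses once ECH is in use: the outer ClientHello still carries a server_name, but it is the client-facing server's public name, and the real destination sits inside the encrypted inner ClientHello. The Python below is an added illustration of that visibility gap; it is not code from this thread, from the draft, or from any IETF document. It builds two constructed ClientHello records with the standard library, one with a plain SNI and one carrying an ECH extension next to the outer public name, and reports what a policy engine keyed on the SNI extension can still conclude. Assumptions: the extension codepoint 0xfe0d is the one used by the ECH drafts (check it against the current spec), the ECH extension body is a dummy placeholder rather than a real ECHClientHello, and all host names are made up.

```python
import struct

SERVER_NAME_EXT = 0x0000
# Codepoint used by the ECH drafts for encrypted_client_hello.
# Assumption: verify against the current spec before relying on it.
ECH_EXT = 0xFE0D


def build_client_hello(sni: str, extra_exts=()) -> bytes:
    """Construct a minimal TLS ClientHello record (constructed test data only)."""
    name = sni.encode("ascii")
    # ServerNameList: one entry of NameType host_name(0)
    sn_list = struct.pack("!BH", 0, len(name)) + name
    sn_body = struct.pack("!H", len(sn_list)) + sn_list
    exts = struct.pack("!HH", SERVER_NAME_EXT, len(sn_body)) + sn_body
    for ext_type, ext_body in extra_exts:
        exts += struct.pack("!HH", ext_type, len(ext_body)) + ext_body
    body = (
        b"\x03\x03"                       # legacy_version
        + b"\x00" * 32                    # random (zeroed: constructed data)
        + b"\x00"                         # legacy_session_id: empty
        + b"\x00\x02\x13\x01"             # cipher_suites: TLS_AES_128_GCM_SHA256
        + b"\x01\x00"                     # compression_methods: null
        + struct.pack("!H", len(exts)) + exts
    )
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body   # HandshakeType client_hello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def parse_client_hello(record: bytes):
    """Return (visible SNI or None, set of extension types) from a ClientHello record."""
    if len(record) < 5 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    rec_len = struct.unpack("!H", record[3:5])[0]
    hs = record[5:5 + rec_len]
    if len(hs) < 4 or hs[0] != 0x01:
        raise ValueError("not a ClientHello")
    body = hs[4:4 + int.from_bytes(hs[1:4], "big")]
    pos = 2 + 32                                      # legacy_version + random
    sid_len = body[pos]; pos += 1 + sid_len
    cs_len = struct.unpack("!H", body[pos:pos + 2])[0]; pos += 2 + cs_len
    cm_len = body[pos]; pos += 1 + cm_len
    if pos + 2 > len(body):
        return None, set()                            # no extensions block at all
    ext_len = struct.unpack("!H", body[pos:pos + 2])[0]; pos += 2
    end = pos + ext_len
    sni, types = None, set()
    while pos + 4 <= end:
        etype, elen = struct.unpack("!HH", body[pos:pos + 4]); pos += 4
        edata = body[pos:pos + elen]; pos += elen
        types.add(etype)
        if etype == SERVER_NAME_EXT and len(edata) >= 5:
            list_len = struct.unpack("!H", edata[:2])[0]
            p = 2
            while p + 3 <= 2 + list_len:
                ntype, nlen = struct.unpack("!BH", edata[p:p + 3]); p += 3
                if ntype == 0:
                    sni = edata[p:p + nlen].decode("ascii", "replace")
                p += nlen
    return sni, types


def middlebox_view(record: bytes) -> dict:
    """What a policy engine keyed on cleartext SNI can conclude from this ClientHello."""
    sni, types = parse_client_hello(record)
    if ECH_EXT in types:
        # Outer SNI is the client-facing public_name; the real name is in the
        # encrypted inner ClientHello, which this parser (and a middlebox) cannot read.
        return {"visible_sni": sni, "ech": True, "destination_known": False}
    return {"visible_sni": sni, "ech": False, "destination_known": True}


if __name__ == "__main__":
    plain = build_client_hello("backend.example.test")
    # Dummy 16-byte ECH body: a placeholder, not a real ECHClientHello structure.
    with_ech = build_client_hello("public.example.test", [(ECH_EXT, b"\x00" * 16)])
    print(middlebox_view(plain))
    print(middlebox_view(with_ech))
```

Run as a script it prints the two views side by side: for the plain record the visible name is the destination, while for the ECH record the only name on the wire is the shared public name, which is exactly the "reduced efficacy" RFC 8744 describes for SNI-based filtering, logging and routing in middleboxes.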