[tor-project] US congress wrote a letter to Google and Amazon on domain fronting

Alec Muffett alec.muffett at gmail.com
Thu Jul 19 18:08:24 UTC 2018 

On Thu, 19 Jul 2018 at 18:54, Kate Krauss <ailanthus at riseup.net> wrote:

> On 2018-07-19 3:51 am, Alec Muffett wrote:
>
> Thank you! I'm extremely grateful to both Alec and Yawning for these
> thoughtful and clear explanations. So there can be no possible domain
> fronting under TSL 1.3?


Not quite.

DomainFronting essentially means that "SNI Says Alice, First Line Of Letter
Says 'Dear Bob'".

You can do that in both TLS1.2 and 1.3, with Plaintext SNI or (in 1.3) with
Encrypted SNI.

However:

a) doing it is a pain in the ass for the service provider, irrespective of
what version TLS is in use, plus it has negative security consequences (see
previous email from me)

b) if we make TLS1.3+EncryptedSNI into a ubiquitous offering, the need for
DF becomes moot.  It becomes pointless.

Is TSL 1.3 inevitable now that it's been
> approved by IETF?


Kinda, but we need to watch carefully for people trying to drill holes in
it, and/or for "adding friction" to anyone wanting to _leave_ TLS1.2

Such friction includes the Civil Society community screaming "Waaaaah! But
losing DF harms Tor!"

Honest answer: "short term, yes; long term we can win hugely, and we piss
off the NSA too!".



> If so, does it make sense to push for domain fronting
> as a transitional strategy until we have a better plan?


Exactly. Clearly deprecate it, limp along with what DF we can get, and push
hard to get TLS1.3+ESNI into the world's default webserver configs as soon
as possible, and I think we'll be shooting the right direction.


His tech advisor
> Chris Soghoian may support the letter.


I've seen Chris' work before, eg: in support of export control of security
software ("Wassenaar") to stop the outflow of spyware from Western
countries to at-risk countries like Ethiopia.

I won't argue with his sentiment, then as now, but I feel (if he's also
behind this) that his approaches lack adequate consideration of bigger
pictures and long-term goals.



> So my final question--and this may just be contained in a link someone
> could just post, but better, ELI5 here (if appropriate)--is what might
> work, what is on the horizon, does it need more support, and if so, how
> can we support it?
>

We must boldly and clearly recognise DF as the ugly kludge that it is, and
make sure the world knows that; I feel that Tor should (if resources can be
found) get involved with the community of people and companies who are
pursuing solid communications security at the HTTPS layer; in some senses
they are only trying to emulate the goals which Tor has had for years
(decades?) and there must be experience worth sharing.

    -a

-- 
http://dropsafe.crypticide.com/aboutalecm
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.torproject.org/pipermail/tor-project/attachments/20180719/cd477b0c/attachment.html>

More information about the tor-project mailing list