Issues and Requirements for SNI Encryption in TLS
draft-ietf-tls-sni-encryption-03

The information below is for an old version of the document.
Document Type: Expired Internet-Draft (tls WG)
Authors: Christian Huitema, Eric Rescorla
Last updated: 2018-11-21 (Latest revision 2018-05-20)
Replaces: draft-huitema-tls-sni-encryption
Stream: Internet Engineering Task Force (IETF)
WG state: Waiting for WG Chair Go-Ahead
    Revised I-D Needed - Issue raised by WGLC
Document shepherd: Joseph A. Salowey
IESG state: Expired
Consensus boilerplate: Unknown
Telechat date: (None)
Responsible AD: (None)
Send notices to: Sean Turner <sean@sn3rd.com>, Joseph Salowey <joe@salowey.net>
This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at:
https://www.ietf.org/archive/id/draft-ietf-tls-sni-encryption-03.txt

Abstract

This draft describes the general problem of encryption of the Server Name Identification (SNI) parameter. The proposed solutions hide a Hidden Service behind a Fronting Service, only disclosing the SNI of the Fronting Service to external observers. The draft lists known attacks against SNI encryption, discusses the current "co-tenancy fronting" solution, and presents requirements for future TLS layer solutions.

Authors

Christian Huitema
Eric Rescorla

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)