Issues and Requirements for SNI Encryption in TLS
draft-ietf-tls-sni-encryption-03
| Document | Type | Expired Internet-Draft (tls WG) | |
|---|---|---|---|
| Authors | Christian Huitema , Eric Rescorla | ||
| Last updated | 2018-11-21 (Latest revision 2018-05-20) | ||
| Replaces | draft-huitema-tls-sni-encryption | ||
| Stream | Internet Engineering Task Force (IETF) | ||
| Formats |
Expired & archived
plain text
xml
htmlized
pdfized
bibtex
|
||
| Reviews |
TSVART Telechat review
(of
-05)
Ready with Nits
|
||
| Stream | WG state | Waiting for WG Chair Go-Ahead | |
| Document shepherd | Joseph A. Salowey | ||
| IESG | IESG state | Expired | |
| Consensus boilerplate | Unknown | ||
| Telechat date | (None) | ||
| Responsible AD | (None) | ||
| Send notices to | Sean Turner <sean@sn3rd.com>, Joseph Salowey <joe@salowey.net> |
https://www.ietf.org/archive/id/draft-ietf-tls-sni-encryption-03.txt
Abstract
This draft describes the general problem of encryption of the Server Name Identification (SNI) parameter. The proposed solutions hide a Hidden Service behind a Fronting Service, only disclosing the SNI of the Fronting Service to external observers. The draft lists known attacks against SNI encryption, discusses the current "co-tenancy fronting" solution, and presents requirements for future TLS layer solutions.
Authors
Christian Huitema
Eric Rescorla
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)