Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Describe known active attacks #234

Merged
merged 11 commits into from
May 21, 2020
Merged

Describe known active attacks #234

merged 11 commits into from
May 21, 2020

Conversation

chris-wood
Copy link
Collaborator

@chris-wood chris-wood commented May 12, 2020
edited
Loading

Addresses #229.

This is for motivating some of our design decisions (and documenting what we know along the way). I meant to do this a while ago, but never got around to it. In particular, it describes why we have the following three bindings:

  1. Transcript to ECHO secret (to prevent client reaction attacks).
  2. CH1 to CH2 (to prevent HRR oracles).
  3. ClientHello to resumption PSK binder (to prevent resumption oracles).

I'm sure the language and presentation can be improved, so suggestions to that effect are very much welcome!

cc @martinthomson, @davidben, @dmcardle, @jhoyla, @kazuho, @karthikbhargavan, @grittygrease

@chris-wood chris-wood requested a review from ekr May 12, 2020 00:11
ekr
ekr requested changes May 21, 2020
View reviewed changes
draft-ietf-tls-esni.md Outdated Show resolved Hide resolved
draft-ietf-tls-esni.md Outdated Show resolved Hide resolved
draft-ietf-tls-esni.md Outdated Show resolved Hide resolved
draft-ietf-tls-esni.md Outdated Show resolved Hide resolved
draft-ietf-tls-esni.md Outdated Show resolved Hide resolved
draft-ietf-tls-esni.md Outdated Show resolved Hide resolved
draft-ietf-tls-esni.md Outdated Show resolved Hide resolved
draft-ietf-tls-esni.md Outdated Show resolved Hide resolved
draft-ietf-tls-esni.md Outdated Show resolved Hide resolved
draft-ietf-tls-esni.md Outdated Show resolved Hide resolved
chris-wood and others added 9 commits May 21, 2020 05:53
@chris-wood @ekr
Update draft-ietf-tls-esni.md
eaa4ab4 
Co-authored-by: ekr <ekr@rtfm.com>
@chris-wood @ekr
Update draft-ietf-tls-esni.md
863eeb7 
Co-authored-by: ekr <ekr@rtfm.com>
@chris-wood @ekr
Update draft-ietf-tls-esni.md
7c756e2 
Co-authored-by: ekr <ekr@rtfm.com>
@chris-wood @ekr
Update draft-ietf-tls-esni.md
00aabc2 
Co-authored-by: ekr <ekr@rtfm.com>
@chris-wood @ekr
Update draft-ietf-tls-esni.md
6f52fa1 
Co-authored-by: ekr <ekr@rtfm.com>
@chris-wood @ekr
Update draft-ietf-tls-esni.md
a2cb0ad 
Co-authored-by: ekr <ekr@rtfm.com>
@chris-wood @ekr
Update draft-ietf-tls-esni.md
cb8f566 
Co-authored-by: ekr <ekr@rtfm.com>
@chris-wood
Clarify some details of the active attacks.
041537b
@chris-wood
Merge branch 'caw/active-attacks' of github.com:tlswg/draft-ietf-tls-…
df869d1 
…esni into caw/active-attacks
@chris-wood
Copy link
Collaborator Author

Thanks for the feedback! I incorporated your suggestions and clarified a few more things. I'm merging as-is since they seemed mostly editorial.

@chris-wood chris-wood merged commit 1e7e0d9 into master May 21, 2020
@chris-wood chris-wood mentioned this pull request May 21, 2020
Closed
@chris-wood chris-wood deleted the caw/active-attacks branch April 19, 2021 15:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@ekr ekr ekr requested changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@chris-wood @ekr