This issue was distributed to 55,479 email subscribers.
Bulletproof TLS Newsletter is a free periodic newsletter bringing you commentary and news surrounding SSL/TLS and Internet PKI, designed to keep you informed about the latest developments in this space.
In this issue:
- Great Firewall of China blocks encrypted SNI extension
- Short news
Great Firewall of China blocks encrypted SNI extension
According to a joint report from iYouPort, the University of Maryland, and the Great Firewall Report, TLS connections using the preliminary encrypted SNI (ESNI) extension are being blocked in China.
Traditional SNI sends the hostname within the TLS handshake, which lets multiple TLS hosts with different certificates run on the same IP address and port. But the original SNI is unencrypted, and this has sometimes been used to censor connections to certain hosts.
Encrypted SNI is an attempt to change this. The concept is to fetch an encryption key via DNS (which itself can be secured via DNS over HTTPS). It’s currently in draft form, but some hosting providers, such as Cloudflare, already implement it.
According to the report, TLS packets containing the extension for ESNI are dropped. However, only an older extension ID is currently dropped; a newer ID of a mechanism called encrypted client hello (ECH), which is simply the latest version of ESNI, is currently still usable.
The report discusses various ways to evade the blocking, but it’s likely that the blocking will be adapted to thwart those methods if they’re adopted. Whether ESNI will succeed may depend on whether it will be used widely enough to make complete blocking infeasible.
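To make concrete what an on-path observer can read from a handshake, here is an added example (not code from the report or from this newsletter) that parses a ClientHello and lists its extension IDs and any plaintext SNI hostname. The code points 0xFFCE (ESNI drafts) and 0xFE0D (ECH) come from the IETF drafts rather than from this page, and the sample ClientHellos are constructed with placeholder extension bodies.

```python
# Extension code points: 0x0000 is server_name (RFC 6066). The two draft values
# below are assumptions of this example; the page itself does not give the IDs.
EXT_NAMES = {0x0000: "server_name (plaintext SNI)",
             0xFFCE: "encrypted_server_name (ESNI drafts)",
             0xFE0D: "encrypted_client_hello (ECH)"}

def take(buf, pos, n):  # n bytes starting at pos, never reading past the end
    if pos + n > len(buf):
        raise ValueError("truncated ClientHello")
    return buf[pos:pos + n], pos + n

def take_vec(buf, pos, width):  # vector with a `width`-byte length prefix
    raw, pos = take(buf, pos, width)
    return take(buf, pos, int.from_bytes(raw, "big"))

def inspect_client_hello(record):
    """Return (extension IDs in wire order, plaintext SNI hostname or None)."""
    hdr, pos = take(record, 0, 5)
    hs, _ = take(record, pos, int.from_bytes(hdr[3:5], "big"))
    if hdr[0] != 0x16 or hs[:1] != b"\x01":
        raise ValueError("not a TLS ClientHello record")
    msg, _ = take_vec(hs, 1, 3)
    _, pos = take(msg, 0, 2 + 32)            # legacy_version + random
    for width in (1, 2, 1):                  # session_id, cipher_suites, compression
        _, pos = take_vec(msg, pos, width)
    exts, _ = take_vec(msg, pos, 2)
    ids, sni, pos = [], None, 0
    while pos < len(exts):
        raw, pos = take(exts, pos, 2)
        data, pos = take_vec(exts, pos, 2)
        ids.append(int.from_bytes(raw, "big"))
        if ids[-1] == 0x0000:                # ServerNameList: name type + host_name
            names, _ = take_vec(data, 0, 2)
            if names[:1] == b"\x00":
                sni = take_vec(names, 1, 2)[0].decode("ascii", "replace")
    return ids, sni

def vec(width, body):  # helper for building the constructed samples
    return len(body).to_bytes(width, "big") + body
def sample_hello(exts):
    """Constructed input: minimal ClientHello with the given (id, data) extensions."""
    ext = b"".join(i.to_bytes(2, "big") + vec(2, d) for i, d in exts)
    msg = b"\x03\x03" + bytes(32) + vec(1, b"") + vec(2, b"\x13\x01") + b"\x01\x00" + vec(2, ext)
    return b"\x16\x03\x01" + vec(2, b"\x01" + vec(3, msg))

SNI = vec(2, b"\x00" + vec(2, b"example.com"))  # constructed server_name payload
for exts in ([(0, SNI)], [(0xFFCE, bytes(8))], [(0xFE0D, bytes(8))]):  # placeholder bodies
    ids, host = inspect_client_hello(sample_hello(exts))
    print([EXT_NAMES.get(i, hex(i)) for i in ids], "cleartext hostname:", host)
```

The first sample exposes example.com in the clear; the other two expose no hostname, only the extension ID itself, which still travels unencrypted and is what the report describes the blocking as matching on.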
Short news
- OCSP-Requester is a new Python package to check the revocation status of certificates.
- Joshua Maddux presented a method abusing TLS session tickets in a DNS rebinding attack leading to server-side request forgery (SSRF) at DEF CON and Black Hat.
- An attack using malicious Tor exit nodes involved preventing the HTTP-to-HTTPS redirect on some Bitcoin sites, which is known as an SSL stripping attack.
- OpenSSL has announced alpha 6 of its upcoming version 3.0.0.
- SNIcat is a method to use SNI as an exfiltration channel that may bypass TLS inspection solutions.
- The LibreSSL developers wrote a blog post about the status of their documentation.
- An expired TLS certificate caused some downtime at Spotify.
- Thomas Pornin published an optimized binary GCD algorithm for modular inversion, which is used in some cryptographic algorithms.
- Filippo Valsorda discusses cryptographic algorithm registries and why he thinks they are harmful and lead to misguided algorithm agility.