Bulletproof TLS Newsletter
Great Firewall of China blocks encrypted SNI extension
27 Aug 2020
Bulletproof TLS Newsletter is a free periodic newsletter bringing you commentary and news surrounding SSL/TLS and Internet PKI, designed to keep you informed about the latest developments in this space. Received monthly by more than 50,000 subscribers. Maintained by Hanno Böck.
According to a joint report from iYouPort, the University of Maryland, and the Great Firewall Report, TLS connections using the preliminary encrypted SNI (ESNI) extension are being blocked in China.
Traditional SNI allows sending a hostname within a TLS handshake, which allows multiple TLS hosts with different certificates to run on the same IP address and port. But the original SNI is unencrypted, which has sometimes been used to censor connections to certain hosts.
Encrypted SNI is an attempt to change this. The concept is to fetch an encryption key via DNS (which itself can be secured via DNS over HTTPS). It’s currently in draft form, but some hosters implement it already, such as Cloudflare.
According to the report, TLS packages containing the extension for ESNI are dropped. However, only an older extension ID is currently dropped; a newer ID of a mechanism called encrypted client hello (ECH), which is simply the latest version of ESNI, is currently still usable.
The report discusses various ways to evade the blocking, but it’s likely that the blocking will be adapted to thwart those methods if they’re adopted. Whether ESNI will succeed may depend on whether it will be used widely enough to make complete blocking infeasible.
Subscribe to the Bulletproof TLS Newsletter
This subscription is just for the newsletter; we won't send you anything else.
Short news
- OCSP-Requester is a new python package to check the revocation status of certificates.
- Joshua Maddux presented a method abusing TLS session tickets in a DNS rebinding attack leading to server-side request forgery (SSRF) at DEF CON and Black Hat.
- An attack using malicious Tor exit nodes involved preventing HTTP to HTTPS redirect on some Bitcoin sites, which is known as an SSL stripping attack.
- OpenSSL has announced alpha 6 of its upcoming version 3.0.0.
- SNIcat is a method to use SNI as an exfiltration channel that may bypass TLS inspection solutions.
- The LibreSSL developers wrote a blog post about the status of their documentation.
- An expired TLS certificate caused some downtime at Spotify.
- Thomas Pornin published an optimized binary GCD algorithm for modular inversion, which is used in some cryptographic algorithms.
- Filippo Valsorda discusses cryptographic algorithm registries and why he thinks they are harmful and lead to misguided algorithm agility.
Designed by Ivan Ristić, the author of SSL Labs, Bulletproof TLS and PKI, and Hardenize, our course covers everything you need to know to deploy secure servers and encrypted web applications.
Remote and trainer-led, with small classes and a choice of timezones.
Join over 1,500 students who have benefited from more than a decade of deep TLS and PKI expertise.