TLS NPN (Next Protocol Negotiation)

Seth David Schoen schoen at eff.org
Tue Aug 17 06:08:27 UTC 2010


Over on the TLS WG mailing list at IETF there is some debate over
the NPN (Next Protocol Negotiation) TLS extension, which originated
outside of TLS WG but is now starting to be brought up there for
standardization.  The thread starts at

http://www.ietf.org/mail-archive/web/tls/current/msg06862.html

Much of the debate centers around the idea that NPN will make it
harder for network operators to know what protocols users are using
over TLS and hence to block particular protocols while permitting
others.  One of the proponents (Adam Langley, who has been doing a
lot of other fantastic work on making TLS better and more ubiquitous)
mentioned the idea that Tor is an intended use case for this
behavior, although there hasn't been any other explicit discussion
of this.

http://www.ietf.org/mail-archive/web/tls/current/msg06866.html

"The design, as is, was picked because the use cases considered were
either ambivalent on this point [in effect, whether to reveal which
service the client is interested in contacting earlier in the
protocol] or favoured the privacy side (i.e.  Tor)."

(Apparently the notion is that the protocol negotiation would
happen late enough that the encrypted session is already
established before the client and server decide which particular
service the client wants to talk to, so you could multiplex,
say, a web server, a Jabber server, a Tor server, and an IMAPS
server all over tcp/443 and an eavesdropper wouldn't trivially
be able to determine which one the client was communicating
with -- except if side channels gave it away, of course.)

I'm tempted to reply pointing out that _all_ uses of TLS represent
at least potential support for a threat model in which a network
operator is the adversary whom users are trying to defend against.
So there's not much conceptually new about having TLS reduce network
operators' control over traffic, although some of the people in
the discussion seem to feel there is a qualitative difference
between, say, keyword filtering and protocol filtering.

Has anybody from Tor been working on NPN?

-- 
Seth Schoen
Senior Staff Technologist                         schoen at eff.org
Electronic Frontier Foundation                    https://www.eff.org/
454 Shotwell Street, San Francisco, CA  94110     +1 415 436 9333 x107
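The following is an added illustration, not code from the post or from any NPN implementation. It models the TLS 1.2 handshake with NPN as draft-agl-tls-nextprotoneg describes it (client sends an empty NPN extension, server answers with its protocol list in the clear, the client's choice travels in a NextProtocol message sent after ChangeCipherSpec and therefore under the session keys), then asks what a passive on-path observer can read and how a server behind tcp/443 would dispatch to the right backend. The protocol strings and backend names are constructed labels, and the padding arithmetic is a simplified model of the draft's rule that NextProtocol is padded to a multiple of 32 bytes.

```python
"""Constructed model of NPN (Next Protocol Negotiation) over a TLS 1.2
handshake.  Each Record carries the fields it would contain in plaintext and
a flag saying whether it is sent under the negotiated keys.  Not a TLS
implementation; only the messages relevant to negotiation are modelled."""

from dataclasses import dataclass, field


@dataclass
class Record:
    sender: str                 # "client" or "server"
    msg: str                    # handshake message name
    fields: dict = field(default_factory=dict)
    encrypted: bool = False     # True for records after the sender's ChangeCipherSpec
    length: int = 0             # bytes on the wire (only modelled for NextProtocol)


def nextprotocol_wire_length(choice: str) -> int:
    """Simplified model of the draft's padding rule: the NextProtocol message
    is padded so its total length is a multiple of 32 bytes, which blunts the
    obvious length side channel between short and long protocol names."""
    unpadded = 4 + 1 + len(choice) + 1   # handshake header, length byte, name, padding-length byte
    return -(-unpadded // 32) * 32


def npn_handshake(server_protocols, client_choice):
    """Return the handshake records for a session negotiated with NPN.
    The client's selection is carried only in NextProtocol, which follows
    the client's ChangeCipherSpec and is therefore encrypted.  The draft lets
    the client pick a protocol the server did not advertise."""
    return [
        # Empty extension in ClientHello: "I support NPN", nothing more.
        Record("client", "ClientHello", {"next_protocol_negotiation": ""}),
        # The server's list goes back in the clear; no keys exist yet.
        Record("server", "ServerHello",
               {"next_protocol_negotiation": list(server_protocols)}),
        Record("server", "Certificate"),
        Record("server", "ServerHelloDone"),
        Record("client", "ClientKeyExchange"),
        Record("client", "ChangeCipherSpec"),
        # First message under the new keys: the actual choice.
        Record("client", "NextProtocol", {"selected_protocol": client_choice},
               encrypted=True, length=nextprotocol_wire_length(client_choice)),
        Record("client", "Finished", encrypted=True),
        Record("server", "ChangeCipherSpec"),
        Record("server", "Finished", encrypted=True),
    ]


def passive_observer(records):
    """What an eavesdropper without the session keys can read: message names
    and fields of plaintext records; for encrypted records only the sender
    and the record length survive."""
    seen = []
    for r in records:
        if r.encrypted:
            seen.append((r.sender, "<encrypted record>", {"length": r.length}))
        else:
            seen.append((r.sender, r.msg, dict(r.fields)))
    return seen


def observed_selection(records):
    """The negotiated protocol if it is visible on the wire, else None."""
    for _, _, fields in passive_observer(records):
        if "selected_protocol" in fields:
            return fields["selected_protocol"]
    return None


def observed_server_list(records):
    """The server's advertised list, which NPN does expose in ServerHello."""
    for _, msg, fields in passive_observer(records):
        if msg == "ServerHello":
            return fields.get("next_protocol_negotiation")
    return None


def observed_nextprotocol_length(records):
    """Length of the first encrypted client record (the NextProtocol message)."""
    for sender, msg, fields in passive_observer(records):
        if sender == "client" and msg == "<encrypted record>":
            return fields["length"]
    return None


# Constructed backend table for a host multiplexing several services on one
# port, as the post imagines.  These protocol strings are labels for this
# model, not registered identifiers.
BACKENDS = {
    "http/1.1": "web server",
    "xmpp": "Jabber server",
    "imap": "IMAPS server",
    "tor": "Tor relay",
}


def dispatch(records):
    """Server side: route the connection once NextProtocol has been decrypted.
    Unknown choices are rejected rather than guessed."""
    for r in records:
        if r.msg == "NextProtocol":
            return BACKENDS.get(r.fields["selected_protocol"], "reject")
    return "reject"
```

Running `npn_handshake(["http/1.1", "xmpp"], "tor")` through the observer shows the shape of the privacy argument in the thread: the server's advertised list is readable, the client's choice is not, the choice need not appear in that list, and with the padding rule a three-byte name and an eight-byte name produce the same encrypted record length.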