[sslh] SNI and TLS 1.3

Yves Rutschle yves at rutschle.net
Tue Mar 19 22:38:14 UTC 2019


On Tue, Mar 19, 2019 at 09:30:08PM +0100, Evert Mouw wrote:
> A small question. TLS 1.3 is going to encrypt the SNI data. So, I'm afraid
> that it might be a problem for sslh. Currently I rely on the SNI to
> demultiplex to the correct web server. Is my fear well-founded?
> 
> https://tools.ietf.org/html/draft-ietf-tls-esni-01

DO NOT PANIC

  :-)

I wouldn't say "TLS is going to": this is experimental and
apparently there are competing solutions, so it's
uncertain this will get deployed.

What is proposed here would indeed break sslh as it is today.

However, the extension is under server control, so if you don't
want your server to support it, you don't have to, and you
can keep using sslh as it is. (You just need to not publish
keys in the DNS.)

Also, the SNI encryption is based on a key that's linked to
the IP address. sslh already has enough code to parse TLS
extensions, so it's "just" a matter of adding support to make
sslh a "client-facing server". I assume reference
implementations will be available in time, so that shouldn't
be a major problem.

Y.
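To make concrete what "sslh parses TLS extensions to demultiplex on the SNI" and "ESNI would break that" mean on the wire, here is an added illustration. It is not sslh's own code (sslh is written in C; this is standalone Python) and the hostnames and backend ports are made up. It builds a minimal ClientHello record, walks the extension list, pulls the hostname out of the server_name extension (type 0), notes whether the draft's encrypted_server_name extension (code point 0xffce in draft-ietf-tls-esni-01) is present, and routes on the cleartext name. With ESNI the cleartext SNI is either absent or names only the client-facing server, so the route falls through to the default backend, which is exactly the breakage discussed above.

```python
import struct

SNI_EXT = 0x0000   # server_name (RFC 6066)
ESNI_EXT = 0xFFCE  # encrypted_server_name, provisional code point from draft-ietf-tls-esni-01

# Constructed routing table for the example; sslh's real config is not shown here.
BACKENDS = {"www.example.com": ("127.0.0.1", 8443), "mail.example.com": ("127.0.0.1", 9443)}
DEFAULT = ("127.0.0.1", 443)


def _u8(b, i):
    if i + 1 > len(b):
        raise ValueError("truncated")
    return b[i]


def _u16(b, i):
    if i + 2 > len(b):
        raise ValueError("truncated")
    return struct.unpack("!H", b[i:i + 2])[0]


def build_client_hello(hostname=None, esni_blob=None):
    """Constructed test input: a minimal TLS record carrying a ClientHello.
    esni_blob is an opaque placeholder for the draft's ClientEncryptedSNI body."""
    exts = b""
    if hostname is not None:
        name = hostname.encode("ascii")
        server_name = b"\x00" + struct.pack("!H", len(name)) + name  # name_type host_name(0)
        sni_body = struct.pack("!H", len(server_name)) + server_name
        exts += struct.pack("!HH", SNI_EXT, len(sni_body)) + sni_body
    if esni_blob is not None:
        exts += struct.pack("!HH", ESNI_EXT, len(esni_blob)) + esni_blob
    hello = (
        b"\x03\x03"                 # legacy_version
        + bytes(32)                 # random (zeroed; test input only)
        + b"\x00"                   # legacy_session_id: empty
        + b"\x00\x02\x13\x01"       # cipher_suites: one suite, TLS_AES_128_GCM_SHA256
        + b"\x01\x00"               # legacy_compression_methods: null
        + struct.pack("!H", len(exts)) + exts
    )
    handshake = b"\x01" + len(hello).to_bytes(3, "big") + hello  # HandshakeType client_hello(1)
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def parse_sni(data):
    """Return the first host_name entry of a server_name extension body, or None."""
    list_len = _u16(data, 0)
    p, end = 2, 2 + list_len
    while p < end:
        ntype, nlen = _u8(data, p), _u16(data, p + 1)
        p += 3
        name = data[p:p + nlen]
        if len(name) != nlen:
            raise ValueError("truncated server_name")
        p += nlen
        if ntype == 0:
            return name.decode("ascii")
    return None


def parse_client_hello(record):
    """Return {'sni': hostname-or-None, 'esni': bool}; raise ValueError on malformed input."""
    if _u8(record, 0) != 0x16:
        raise ValueError("not a TLS handshake record")
    body = record[5:5 + _u16(record, 3)]
    if _u8(body, 0) != 0x01:
        raise ValueError("not a ClientHello")
    hs_len = int.from_bytes(body[1:4], "big")
    hello = body[4:4 + hs_len]
    if len(hello) != hs_len:
        raise ValueError("truncated ClientHello")
    pos = 2 + 32                       # skip legacy_version and random
    pos += 1 + _u8(hello, pos)         # legacy_session_id
    pos += 2 + _u16(hello, pos)        # cipher_suites
    pos += 1 + _u8(hello, pos)         # legacy_compression_methods
    result = {"sni": None, "esni": False}
    if pos == len(hello):
        return result                  # no extensions block at all (legal for old clients)
    end = pos + 2 + _u16(hello, pos)
    pos += 2
    if end != len(hello):
        raise ValueError("bad extensions length")
    while pos < end:
        etype, elen = _u16(hello, pos), _u16(hello, pos + 2)
        pos += 4
        edata = hello[pos:pos + elen]
        if len(edata) != elen:
            raise ValueError("truncated extension")
        pos += elen
        if etype == SNI_EXT:
            result["sni"] = parse_sni(edata)
        elif etype == ESNI_EXT:
            result["esni"] = True      # real name is encrypted; nothing here to route on
    return result


def route(record):
    """Pick a backend the way an SNI demultiplexer would: by cleartext hostname, else default."""
    info = parse_client_hello(record)
    return BACKENDS.get(info["sni"], DEFAULT) if info["sni"] else DEFAULT
```

Run `route(build_client_hello("mail.example.com"))` and the cleartext name selects the mail backend; run it on a hello that carries only the 0xffce extension (or that extension plus a public name the table does not know) and everything lands on the default backend, because the name the client actually wants is inside the encrypted blob that only the key holder for that IP can open. A real demultiplexer should also treat a parse error as "not TLS" rather than crash, which is why every bounds failure here is a ValueError.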
