TLS 1.3 Is an Opportunity for Amazon, Google and Microsoft to End Censorship

By walterbell - 2 hours ago

The article is ironically censored for me.

anticensor - a minute ago

This article is unfortunately inaccurate. TLS 1.3 does not include encrypted SNI. Encrypted SNI is still being worked on by the TLS working group, and isn't in a deployable state.

ctz - 42 minutes ago

Seeing how search results are being censored in “free countries” due to things like the DMCA and The Right To Be Forgotten, maybe we shouldn’t look to private companies to fix this issue.

Crontab - 41 minutes ago

Encrypted SNI is great for individual privacy but terrible for business/corporate security.

At the moment it is possible to MITM proxy (without the possibility of decryption) to inspect the SNI and determine if the host is allowed, and if so the proxy does its own IP resolution and transparently proxies/forwards the TCP traffic. I.e., it never engages in the TLS session. This is useful for restricting access from a LAN to services hosted on large cloud providers like AWS, GCP, etc. where fixed IPs are not available (well, the third party service/website elects to use a CDN/load balancer/etc. without regard to the full security impact).

A good example is PCI DSS and the payment card LAN. You should firewall and lock down so devices can only communicate with necessary services. Along with actual payment services, these LANs often need to allow access out to third party loyalty systems, digital receipt systems, etc that are cloud based.

With Encrypted SNI this won’t be possible to do securely anymore. A full MITM TLS decrypting proxy with explicitly configured clients will be required to ensure the encrypted SNI isn’t changed to a malicious host to, e.g., upload captured payment data to. That’s a lot more overhead both in:

1. Configuring clients to use a proxy and custom CA (let’s hope all the various third-party apps support proxy setup and custom CAs, and no cert pinning!)
2. Running a proxy that now has to do full decryption and encryption (to make sure you aren’t messing with the SNI and going to a host you shouldn’t).

Of course I don’t expect businesses to go to these lengths until there has been a serious breach exploiting encrypted SNI. Even then I don’t know which side will take action (or if neither side will)— merchants installing MITM proxies (unlikely), or third party service providers ditching load balancers and sticking to fixed IPs on their cloud hosts (less unlikely).

yardstick - 38 minutes ago

I'm sure that many countries will block Amazon, Google and whatever else if needed. It won't end censorship, it would make the life of ordinary people there even harder.

vbezhenar - an hour ago

ESNI is sadly not in the final standard, only in a separate RFC. Hopefully it'll be ready soon...

RRRA - 23 minutes ago

> If Google Cloud, Amazon Web Services, and Microsoft Azure allow domain fronting with TLS 1.3, censorship countries like China are faced with a binary choice.

This sounds inaccurate to me. If encrypted SNI is applied, the middleman should not be able to figure out which domain you are connecting to, without interrupting the connection. Domain fronting is a technique for prior TLS versions, in which you had to disguise the hostname.

ishitatsuyuki - an hour ago

Sure, if these companies want to lose market share. And what's censorship? Who decides, the US? No thanks.

phobosdeimos - 10 minutes ago

> Currently, SNI in TLS 1.2 has a flaw that allows censors to differentiate between a “real” service and a “fake” service if they are savvy enough to figure it out. Interestingly, SNI in TLS 1.3 fixes this problem by hiding all of the information about the service behind encryption.

Isn't this (Encrypted SNI) the one that has been extensively discussed here: https://news.ycombinator.com/item?id=17538390 ?

This is great. I hope CDNs like Cloudflare etc. deploy it ASAP. Also, deprecate previous TLS versions ASAP so it can be more effective.

rqs - an hour ago

> The problem is that Amazon Web Services and Google Cloud currently do not allow domain fronting. Only Microsoft Azure does.

Is there an official word from Microsoft that they allow it or just "they didn't ban it yet"?

Boulth - an hour ago