undefined | Better HN

0 pointsmjevans9y ago0 comments

Establish an enciphered, unauthenticated, connection to an IP.

This is now a tunnel.

Over that tunnel:

* If you've connected before attempt to reuse the cached credentials to further establish a connection to the requested certificate. This validates prior authorization of being the target host.

* If the above fails or if it's a new host, ask for the certificate, perform extensive validation including REQUIRING that the external revocation check authenticates and confirms non-revoked.

0 comments

openasocket9y ago

How do you create an encrypted connection to an IP address? Just a regular Diffie-Hellman key exchange? That's pretty easy to MitM, and then the attacker can view the certificate the server passes, which will contain the domain name. A little more involved than sniffing SNI, because now you need to scale out MitM-ing instead of DPI, but pretty much the same problem.

cesarb9y ago

Once the connection is MitM'd, the certificate validation would fail, since the MitM host cannot sign the "hash of everything that's been exchanged in this connection so far" with the correct server certificate. So the MitM would have to choose between either learning the domain name but failing the connection, or letting the connection pass but not learning the domain name.

openasocket9y ago

Darn, that right. I guess I fall back to my other answer then: the ISP can always get the domain name from the server ip address and reverse or passive DNS, and there's nothing you can do about that.

j / k navigate · click thread line to collapse

0 pointsmjevans9y ago0 comments

Establish an enciphered, unauthenticated, connection to an IP.

This is now a tunnel.

Over that tunnel:

* If you've connected before attempt to reuse the cached credentials to further establish a connection to the requested certificate. This validates prior authorization of being the target host.

* If the above fails or if it's a new host, ask for the certificate, perform extensive validation including REQUIRING that the external revocation check authenticates and confirms non-revoked.

0 comments

openasocket9y ago

cesarb9y ago

openasocket9y ago

Darn, that right. I guess I fall back to my other answer then: the ISP can always get the domain name from the server ip address and reverse or passive DNS, and there's nothing you can do about that.

j / k navigate · click thread line to collapse