[Cryptography] ALPACA

Peter Gutmann pgut001 at cs.auckland.ac.nz
Fri Jun 11 08:28:53 EDT 2021


Jerry Leichter <leichter at lrw.com> writes:

>The paper points out that the entire technique can be avoided if the web site
>uses SNI *and marks SNI as required*.

You don't even need SNI; the solution is in the certificate via the
extKeyUsage extension.  However, as with SNI, it's widely ignored, and just as
widely set to garbage values.

A related problem is that with TLS whenever a problem is pointed out the
solution isn't to fix the problem but to leave it unfixed and instead invent a
new protocol extension that does things differently (there are currently
around sixty extensions to the base TLS protocol and the TLS standing
committee is busy adding more as fast as they can).  Since the original
problem is still unfixed while the new extension is often ignored, nothing
ever gets resolved.

Peter.


