Randomize the order of DTLS ClientHello extensions, to reduce potential ecosystem brittleness.
This is a WebRTC specific follow-up to https://groups.google.com/a/chromium.org/g/blink-dev/c/bYZK81WxYBo/m/lKLrZ_P2BwAJ which launched successfully a while back.
WebRTC uses DTLS (datagram TLS over UDP) multiplexed with STUN and RTP and also uses a SRTP specific extension (use_srtp defined in RFC 5764) to negotiate encryption keys.
Middleboxes might expect the use_srtp flag in a certain position which changes with this feature.
It is possible that WebRTC's ClientHello extension ordering is already ossified. This change may cause compatibility issues with middleboxes, SBCs or other network monitoring software. We will do a slow rollout and monitor breakage.
n/a, not developer facing
n/a, not developer facing
Using a fixed extension order can encourage server implementers to fingerprint Chrome and then assume specific implementation behavior. This can limit ecosystem agility when Chrome implements future modifications to DTLS, if the server implementations are not prepared for Chrome to change its ClientHello. Chrome will randomly order extensions, subject to the pre_shared_key constraint in the RFC. This will reduce the risk of server and middleboxes fixating on details of our current ClientHello. This should make the DTLS ecosystem more robust to changes.
Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications?
None
n/a, inner function of TLS stack. Possible to inspect using tools like Wireshark
Shipping on desktop | 120 |
Open questions about a feature may be a source of future web compat or interop issues. Please list open issues (e.g. links to known github issues in the project for the feature specification) whose resolution may introduce web compat/interop risk (e.g., changing to naming or structure of the API in a non-backward-compatible way).
--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CADxkKi%2BWEyR_PRHcAfNNR0w1SECOZ%2B3PqVN3x%3DGcYjK10tE6sg%40mail.gmail.com.
Great follow up to https://groups.google.com/a/chromium.org/g/blink-dev/c/bYZK81WxYBo/m/lKLrZ_P2BwAJ. Big fan!On Fri, Sep 22, 2023 at 12:00 AM 'Philipp Hancke' via blink-dev <blin...@chromium.org> wrote:Contact emails
Specification
Summary
Randomize the order of DTLS ClientHello extensions, to reduce potential ecosystem brittleness.
This is a WebRTC specific follow-up to https://groups.google.com/a/chromium.org/g/blink-dev/c/bYZK81WxYBo/m/lKLrZ_P2BwAJ which launched successfully a while back.
WebRTC uses DTLS (datagram TLS over UDP) multiplexed with STUN and RTP and also uses a SRTP specific extension (use_srtp defined in RFC 5764) to negotiate encryption keys.
Middleboxes might expect the use_srtp flag in a certain position which changes with this feature.
Blink component
TAG review
NoneTAG review status
Not applicableRisks
Interoperability and Compatibility
It is possible that WebRTC's ClientHello extension ordering is already ossified. This change may cause compatibility issues with middleboxes, SBCs or other network monitoring software. We will do a slow rollout and monitor breakage.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAGkh42Kvqkxyfk7QB9%2BAZcWoWhW9AnzoefP%2BDoxabushNh3VmA%40mail.gmail.com.
On Tue, Sep 26, 2023 at 9:47 PM 'David Adrian' via blink-dev <blin...@chromium.org> wrote:Great follow up to https://groups.google.com/a/chromium.org/g/blink-dev/c/bYZK81WxYBo/m/lKLrZ_P2BwAJ. Big fan!
On Fri, Sep 22, 2023 at 12:00 AM 'Philipp Hancke' via blink-dev <blin...@chromium.org> wrote:Contact emails
Specification
This is an interesting simple case where I agree that an explainer for this would be superfluous (as the Summary sums up what you're planning to ship).Summary
Randomize the order of DTLS ClientHello extensions, to reduce potential ecosystem brittleness.
This is a WebRTC specific follow-up to https://groups.google.com/a/chromium.org/g/blink-dev/c/bYZK81WxYBo/m/lKLrZ_P2BwAJ which launched successfully a while back.
WebRTC uses DTLS (datagram TLS over UDP) multiplexed with STUN and RTP and also uses a SRTP specific extension (use_srtp defined in RFC 5764) to negotiate encryption keys.
Middleboxes might expect the use_srtp flag in a certain position which changes with this feature.
Blink component
TAG review
NoneTAG review status
Not applicableRisks
Interoperability and Compatibility
It is possible that WebRTC's ClientHello extension ordering is already ossified. This change may cause compatibility issues with middleboxes, SBCs or other network monitoring software. We will do a slow rollout and monitor breakage.
Presumably, this will be behind a base feature to support the slow rollout?
Also, I assume the TLS side of things went smoothly. Any reason to believe DTLS would be significantly worse?
LGTM2
/Daniel
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAL5BFfXC8ZBmahmnf%2BBrVdz_cvzrckVkrH9_Of1m-Q5u8d1M4w%40mail.gmail.com.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/75b98b41-d737-403c-82ae-9ebc6646cee7%40gmail.com.