Intent to Ship: TLS ClientHello extension permutation


David Adrian

Nov 17, 2022, 6:15:24 PM
to blink-dev

Contact emails

davi...@chromium.org, dad...@google.com

Specification

https://datatracker.ietf.org/doc/rfc8446

Design docs


https://docs.google.com/document/d/1NIeWj_xFE3p7Q2IxVjnztO4_Aqih3VAskHlLYqDFjvk/edit?resourcekey=0-FCsdas1l23L830egKOun4A
https://github.com/dadrian/clienthello-randomization/blob/main/EXPLAINER.md

Summary

Randomize the order of TLS ClientHello extensions, to reduce potential ecosystem brittleness.



Blink component

Internals>Network>SSL

TAG review



TAG review status

Not applicable

Risks



Interoperability and Compatibility

It is possible that Chrome’s ClientHello extension ordering is already ossified. This change may cause compatibility issues with middleboxes or other network monitoring software. We will do a slow rollout and monitor breakage.



Gecko: Positive (https://groups.google.com/a/chromium.org/g/blink-dev/c/zdmNs2rTyVI/m/MAiQwQkwCAAJ, https://bugzilla.mozilla.org/show_bug.cgi?id=1789436)

WebKit: No signal

Web developers: No signals

Other signals:

Ergonomics

n/a, not developer facing



Activation

n/a, not developer facing



Security

Using a fixed extension order can encourage server implementers to fingerprint Chrome and then assume specific implementation behavior. This can limit ecosystem agility when Chrome implements future modifications to TLS, if the server implementations are not prepared for Chrome to change its ClientHello. Chrome will randomly order extensions, subject to the pre_shared_key constraint in the RFC. This will reduce the risk of servers and middleboxes fixating on details of our current ClientHello. This should make the TLS ecosystem more robust to changes.



WebView application risks

Does this intent deprecate or change behavior of existing APIs, such that it has potentially high risk for Android WebView-based applications?



Debuggability

n/a, inner function of TLS stack



Will this feature be supported on all six Blink platforms (Windows, Mac, Linux, Chrome OS, Android, and Android WebView)?

Yes

Is this feature fully tested by web-platform-tests?

No

Flag name



Requires code in //chrome?

False

Tracking bug

https://bugs.chromium.org/p/chromium/issues/detail?id=1351809

Launch bug

https://bugs.chromium.org/p/chromium/issues/detail?id=1351809

Estimated milestones

DevTrial on desktop: 106
DevTrial on Android: 106


Anticipated spec changes

Open questions about a feature may be a source of future web compat or interop issues. Please list open issues (e.g. links to known github issues in the project for the feature specification) whose resolution may introduce web compat/interop risk (e.g., changing to naming or structure of the API in a non-backward-compatible way).



Link to entry on the Chrome Platform Status

https://chromestatus.com/feature/5124606246518784

This intent message was generated by Chrome Platform Status.
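
An added illustration of the behaviour described under "Security" above (not Chrome's or BoringSSL's code, and not part of the original post): extensions are shuffled with pre_shared_key kept last as RFC 8446 requires, an order-sensitive fingerprint then changes between connections, and a fingerprint over the sorted extension types does not. The function names, the sample extension list and the SHA-256 digest format are assumptions made for this example.

```python
import hashlib
import random

# TLS extension type code points from RFC 8446, section 4.2.
PRE_SHARED_KEY = 41
# Constructed sample ClientHello extension list (type numbers only).
SAMPLE_EXTENSIONS = [0, 10, 13, 16, 43, 45, 51, PRE_SHARED_KEY]


def permute_extensions(extensions, rng):
    """Return a shuffled copy, keeping pre_shared_key last if present.

    RFC 8446 requires pre_shared_key to be the final ClientHello extension,
    so it is excluded from the shuffle and re-appended afterwards.
    """
    movable = [e for e in extensions if e != PRE_SHARED_KEY]
    rng.shuffle(movable)
    if PRE_SHARED_KEY in extensions:
        movable.append(PRE_SHARED_KEY)
    return movable


def ordered_fingerprint(extensions):
    """Order-sensitive digest: changes whenever the client reorders."""
    return hashlib.sha256("-".join(map(str, extensions)).encode()).hexdigest()


def sorted_fingerprint(extensions):
    """Order-independent digest: hashes the sorted extension types."""
    return ordered_fingerprint(sorted(extensions))


def check_order(extensions):
    """Receiver-side check: only the PSK position and duplicates are constrained."""
    if PRE_SHARED_KEY in extensions and extensions[-1] != PRE_SHARED_KEY:
        return False
    return len(set(extensions)) == len(extensions)


if __name__ == "__main__":
    rng = random.Random()  # illustration only; a TLS stack would use its CSPRNG
    hellos = [permute_extensions(SAMPLE_EXTENSIONS, rng) for _ in range(5)]
    for h in hellos:
        print(h, ordered_fingerprint(h)[:12], sorted_fingerprint(h)[:12])
```

Monitoring or allow-list logic that keys on the first digest is the kind of order dependence the rollout is expected to surface; logic keyed on the second is unaffected by the permutation.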

Martin Thomson

Nov 17, 2022, 7:28:17 PM
to David Adrian, blink-dev
To be clear, though we are supportive of this change, we ask that you ask using https://github.com/mozilla/standards-positions rather than use inferences (even obvious ones) based on mailing list posts.  Dennis is the authority here, so no big deal, but this process exists to avoid miscommunication.

Yoav Weiss

Nov 17, 2022, 9:15:17 PM
to Martin Thomson, David Adrian, blink-dev
What Martin said + can you ask for a signal from WebKit folks? 

--
You received this message because you are subscribed to the Google Groups "blink-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to blink-dev+...@chromium.org.
To view this discussion on the web visit https://groups.google.com/a/chromium.org/d/msgid/blink-dev/CAPLxc%3DVRR-R%2B1tDJELZvqDPENxcT%2Bi-OZntifmqsZOHkyGzHOg%40mail.gmail.com.

David Adrian

Nov 18, 2022, 3:04:48 PM
to Yoav Weiss, Martin Thomson, blink-dev
Apologies---this is my first time going through the Blink process, but I should have caught the formal signal step.

I've filed requests for positions from Mozilla [1] and WebKit [2].

Yoav Weiss

Nov 18, 2022, 4:12:21 PM
to David Adrian, Martin Thomson, blink-dev
No worries :) thanks for filling out those requests for positions

Mike West

Nov 22, 2022, 11:14:21 AM
to blink-dev, Yoav Weiss, Martin Thomson, blink-dev, dad...@google.com
LGTM1, modulo surprises in the standards positions feedback.

This is clearly a security-positive change, insofar as it preserves our ability to make changes to TLS over time. I expect you'll need a careful rollout (and that middleboxes will cause problems), but I also expect you know that already. :)

Good luck!

-mike


Yoav Weiss

Nov 22, 2022, 10:53:44 PM
to Mike West, blink-dev, Martin Thomson, dad...@google.com
LGTM2


Daniel Bratell

Nov 23, 2022, 10:41:37 AM
to Yoav Weiss, Mike West, blink-dev, Martin Thomson, dad...@google.com

David Adrian

Nov 28, 2022, 12:06:48 PM
to ayumi hamasaki, blink-dev
The Google Doc is the same as the explainer. The documentation is public. The Google Doc is not public because it is not a Chromium-organization doc, it is a Google owned document.

On Mon, Nov 28, 2022 at 4:57 AM ayumi hamasaki <ayum...@gmail.com> wrote:
Hi,

Why is the  Documentation link blocked to the public?

Steps to repeat issue:

2. Under Documentation Tab
3. Access denied

This is the first time I've ever seen a documentation being blocked to the public, can Googlers not go down that route please! Can you make all  Documentation links public so we can see more information about this issue!

Adds little extra information with regards to the issue, hence why I have bated breath hoping to open the google docs link to understand more about this issue!

Many Thanks.

ayumi hamasaki

Nov 28, 2022, 12:07:42 PM
to blink-dev, dad...@google.com
Hi,

Why is the  Documentation link blocked to the public?

Steps to repeat issue:

2. Under Documentation Tab
3. Access denied

This is the first time I've ever seen a documentation being blocked to the public, can Googlers not go down that route please! Can you make all  Documentation links public so we can see more information about this issue!

Adds little extra information with regards to the issue, hence why I have bated breath hoping to open the google docs link to understand more about this issue!

Many Thanks.


Yoav Weiss

Nov 28, 2022, 12:15:51 PM
to David Adrian, ayumi hamasaki, blink-dev
On Mon, Nov 28, 2022 at 6:06 PM 'David Adrian' via blink-dev <blin...@chromium.org> wrote:
The Google Doc is the same as the explainer. The documentation is public. The Google Doc is not public because it is not a Chromium-organization doc, it is a Google owned document.

Apologies, I should've caught that during the review, but can you render the document's contents public? (e.g. copy them over to a Chromium doc)
Skimming through the doc, it doesn't seem to contain any non-public information.

David Adrian

Nov 28, 2022, 12:29:55 PM
to Yoav Weiss, ayumi hamasaki, blink-dev
I've copied the document into a public Chromium-doc and updated the link on Chromestatus.

ayumi hamasaki

Dec 1, 2022, 3:38:59 PM
to blink-dev, dad...@google.com, ayumi hamasaki, blink-dev, yoav...@chromium.org
Thank you, can confirm issue resolved.