TLS ClientHello extension permutation

dadrian commented 1 year ago

Request for position on an emerging web specification

Information about the spec

Spec Title: TLS ClientHello extension permutation
Spec URL: https://www.rfc-editor.org/rfc/rfc8446#section-4.2
Explainer (if not README.md in the repository): https://github.com/dadrian/clienthello-randomization/blob/main/EXPLAINER.md

Design reviews and vendor positions

Mozilla standards-positions issue: https://github.com/mozilla/standards-positions/issues/709

Anything else we need to know

The "spec" is Section 4.2 of the TLS 1.3 RFC (RFC 8446). The explainer describes a particular specification-allowed behavior that could be adopted by browsers.

Blink I2E / Ready for Trials: https://groups.google.com/a/chromium.org/g/blink-dev/c/zdmNs2rTyVI/m/OlV6ILBOBwAJ Blink I2S: https://groups.google.com/a/chromium.org/g/blink-dev/c/bYZK81WxYBo

annevk commented 1 year ago

Is there an underlying proposal that all browsers should do this eventually (if so, I might have some venue concerns) or is this something Chrome is doing and this is a heads up?

dadrian commented 1 year ago

We think it would be positive if other browsers randomized extension order, but we don't plan on making e.g. a W3C proposal, since this behavior is already clearly allowed by the TLS RFC. In that sense, this is a heads-up.

WebKit / standards-positions