It is rather long. I've taken a pass at making it read a little clearer,
hopefully. I've tried to preserve the bits of the old text that seemed
important. Hopefully other folks agree. This still could use another
editing pass (e.g. the first and second paragraphs both conclude
with the same thing), but I think it's an improvement.
I've dropped the paragraph about about how the TLSWG has studied the
problem but had difficulties. That seemed more relevant when we were
comparing this approach against others.
The following paragraph then describes the setup (colocated servers) and
what the extension achieves (stuff about anonymity sets). Thats
redundant with the text above talking about how sometimes the server
IP isn't identifying, and the text below talking about what the
extension does. I've worked that text into those two paragraphs.
I tweaked the bit about consistent TLS configuration, since it's not
actually true: it's fine if the servers don't support the same ALPN
protocols. It's just a few externally-visible bits of TLS configuration.
That's probably worth defining more accurately, if we haven't already (I
forget), but not in the introduction.
I've also dropped the claim that we leak no more than the server IP. We
haven't addressed padding of application data, and cases where the
colocated servers have sufficiently different TLS configuration are out
of scope.
I tried to general tightened up language. For instance there was a paragraph
that says "(assuming the server does not use domain-based virtual
hosting)" and then goes straight to talk about servers that do use
virtual hosting.
It is rather long. I've taken a pass at making it read a little clearer, hopefully. I've tried to preserve the bits of the old text that seemed important. Hopefully other folks agree. This still could use another editing pass (e.g. the first and second paragraphs both conclude with the same thing), but I think it's an improvement.
I've dropped the paragraph about about how the TLSWG has studied the problem but had difficulties. That seemed more relevant when we were comparing this approach against others.
The following paragraph then describes the setup (colocated servers) and what the extension achieves (stuff about anonymity sets). Thats redundant with the text above talking about how sometimes the server IP isn't identifying, and the text below talking about what the extension does. I've worked that text into those two paragraphs.
I tweaked the bit about consistent TLS configuration, since it's not actually true: it's fine if the servers don't support the same ALPN protocols. It's just a few externally-visible bits of TLS configuration. That's probably worth defining more accurately, if we haven't already (I forget), but not in the introduction.
I've also dropped the claim that we leak no more than the server IP. We haven't addressed padding of application data, and cases where the colocated servers have sufficiently different TLS configuration are out of scope.
I tried to general tightened up language. For instance there was a paragraph that says "(assuming the server does not use domain-based virtual hosting)" and then goes straight to talk about servers that do use virtual hosting.