<h1>Encrypted SNI Comes to Firefox Nightly</h1>
<p>Eric Rescorla, Mozilla Security Blog, October 18, 2018. <a href="https://blog.mozilla.org/security/2018/10/18/encrypted-sni-comes-to-firefox-nightly/">https://blog.mozilla.org/security/2018/10/18/encrypted-sni-comes-to-firefox-nightly/</a></p>
<p>TL;DR: Firefox Nightly now supports encrypting the <a href="https://tools.ietf.org/rfcmarkup?doc=6066#section-3">TLS Server Name Indication (SNI)</a> extension, which helps prevent attackers on your network from learning your browsing history. You can enable encrypted SNI today and it will automatically work with any site that supports it. Currently, that means any site hosted by <a href="https://blog.cloudflare.com/encrypt-that-sni-firefox-edition/">Cloudflare</a>, but we're hoping other providers will add ESNI support soon.</p>
<h3>Concealing Your Browsing History</h3>
<p>Although an increasing fraction of Web traffic is <a href="https://letsencrypt.org/stats/#percent-pageloads">encrypted with HTTPS</a>, that encryption isn't enough to prevent network attackers from learning which sites you are going to. HTTPS does conceal the exact page you're visiting, but there are a number of ways in which the site's identity leaks, and that identity can itself be sensitive information: do you want the person at the coffee shop next to you to know you're visiting cancer.org?</p>
<p>There are four main ways in which browsing history information leaks to the network: the TLS certificate message, DNS name resolution, the IP address of the server, and the TLS Server Name Indication extension. Fortunately, we've made good progress shutting down the first two of these: the new TLS 1.3 standard encrypts the server certificate by default, and over the past several months we've been <a href="https://blog.mozilla.org/futurereleases/2018/09/13/dns-over-https-doh-testing-on-beta/">exploring</a> the use of DNS over HTTPS to protect DNS traffic. This is looking good and we are hoping to roll it out to all Firefox users over the coming months. The IP address remains a problem, but in many cases multiple sites share the same IP address, so that leaves SNI, which the client still sends in the clear in its very first message, before any encryption keys exist.</p>
<h3>Why do we need SNI anyway and why didn't this get fixed before?</h3>
<p>Ironically, the reason you need an SNI field is <i>because</i> multiple servers share the same IP address. When you connect to the server, it needs to give you the right certificate to prove that you're connecting to a legitimate server and not an attacker. However, if there is more than one server on the same IP address, which certificate should it choose? The SNI field tells the server which host name you are trying to connect to, allowing it to choose the right certificate. In other words, SNI helps make large-scale TLS hosting work.</p>
<p>We've known that SNI was a privacy problem from the beginning of TLS 1.3. The basic idea is easy: encrypt the SNI field (hence "encrypted SNI" or ESNI). Unfortunately, every design we tried had drawbacks. The technical details are kind of complicated, but the basic story isn't: every design we had for ESNI involved some sort of performance tradeoff, so it looked like only sites which were "sensitive" (i.e., you might want to conceal that you went there) would be willing to enable ESNI. As you can imagine, that defeats the point: if only sensitive sites use ESNI, then merely using ESNI is itself a signal that your traffic deserves a closer look. So, despite a lot of enthusiasm, we eventually decided to publish TLS 1.3 without ESNI.</p>
<p>However, at the beginning of this year, we realized that there was actually a pretty good 80-20 solution: big Content Distribution Networks (CDNs) host a lot of sites all on the same machines. If they're willing to convert all their customers to ESNI at once, then ESNI no longer reveals a useful signal, because the attacker can already see which CDN you are going to. This realization broke things open and enabled a <a href="https://tools.ietf.org/html/draft-ietf-tls-esni-01">design</a> for how to make ESNI work in TLS 1.3 (see Alessandro Ghedini's <a href="https://blog.cloudflare.com/encrypted-sni/">writeup</a> of the technical details). Of course, this only works if you can mass-configure all the sites on a given set of servers, but that's a pretty common configuration.</p>
<h3>How do I get it?</h3>
<p>This is brand-new technology and Firefox is the first browser to get it. At the moment we're not ready to turn it on for all Firefox users. However, Nightly users can try out this privacy-enhancing feature now by performing the following steps. First, make sure you have DNS over HTTPS enabled (see <a href="https://blog.nightly.mozilla.org/2018/06/01/improving-dns-privacy-in-firefox/">https://blog.nightly.mozilla.org/2018/06/01/improving-dns-privacy-in-firefox/</a>); DNS resolution is one of the four leaks listed above, and an encrypted SNI buys you little if the same host name goes out in a plaintext DNS query. Once you've done that, set the "network.security.esni.enabled" preference in about:config to "true". This should automatically enable ESNI for any site that supports it. Right now, that's just Cloudflare, which has enabled ESNI for all its customers, but we're hoping that other providers will follow them. You can go to <a href="https://www.cloudflare.com/ssl/encrypted-sni/">https://www.cloudflare.com/ssl/encrypted-sni/</a> to check for yourself that it's working.</p>
<h3>What's Next?</h3>
<p>During the development of TLS 1.3 we found a number of problems where network devices (typically firewalls and the like) would break when you tried to use TLS 1.3. We've been pretty careful about the design, but it's possible that we'll see similar problems with ESNI. In order to test this, we'll be running a set of experiments over the next few months and measuring for breakage. We'd also love to hear from you: if you enable ESNI and it works or causes any problems, <a href="https://bugzilla.mozilla.org/enter_bug.cgi?format=guided#h=bugForm%7CCore%7CNetworking">please let us know.</a></p>
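<p>The "Why do we need SNI anyway" section says the host name travels in the clear so that a shared server can pick the right certificate. The following added example, which is not code from the original post or from Mozilla, shows what that means from the viewpoint of the passive observer the post worries about: it builds a minimal TLS 1.3 ClientHello (a constructed sample, not a Firefox capture; the random field is zeroed for determinism) and parses it the way a network monitor would, pulling the host name out of the server_name extension. The second sample carries an opaque blob under the encrypted_server_name code point 0xffce that draft-ietf-tls-esni-01 assigns; the ESNI ciphertext format itself is not modeled, and that code point and the two-extension layout are the only assumptions beyond RFC 6066 and the TLS 1.3 ClientHello structure.</p>

```python
import struct

EXT_SERVER_NAME = 0x0000            # server_name, RFC 6066 section 3
EXT_ENCRYPTED_SERVER_NAME = 0xFFCE  # encrypted_server_name, draft-ietf-tls-esni-01 (assumed code point)


def build_client_hello(sni=None, esni_blob=None, cipher_suites=(0x1301, 0x1302)):
    """Constructed sample ClientHello record (TLS 1.3 shape, not a real capture).

    sni       -> plaintext host name placed in the server_name extension, or None
    esni_blob -> opaque bytes placed in the encrypted_server_name extension, or None
    """
    exts = b""
    if sni is not None:
        host = sni.encode("idna")
        # ServerNameList: 1-byte name_type (0 = host_name) + 2-byte length + name
        name_list = b"\x00" + struct.pack("!H", len(host)) + host
        sn = struct.pack("!H", len(name_list)) + name_list
        exts += struct.pack("!HH", EXT_SERVER_NAME, len(sn)) + sn
    if esni_blob is not None:
        exts += struct.pack("!HH", EXT_ENCRYPTED_SERVER_NAME, len(esni_blob)) + esni_blob
    suites = b"".join(struct.pack("!H", s) for s in cipher_suites)
    body = (
        b"\x03\x03" + bytes(32)                     # legacy_version + random (zeroed: sample only)
        + b"\x00"                                   # legacy_session_id: empty
        + struct.pack("!H", len(suites)) + suites   # cipher_suites
        + b"\x01\x00"                               # legacy_compression_methods: null only
        + struct.pack("!H", len(exts)) + exts       # extensions
    )
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body   # msg_type client_hello(1)
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def _u16(buf, pos):
    if pos + 2 > len(buf):
        raise ValueError("truncated ClientHello")
    return struct.unpack("!H", buf[pos:pos + 2])[0]


def _u8(buf, pos):
    if pos >= len(buf):
        raise ValueError("truncated ClientHello")
    return buf[pos]


def parse_server_name(data):
    """Return the host_name entry of a ServerNameList, or None if absent."""
    list_len = _u16(data, 0)
    pos = 2
    while pos + 3 <= 2 + list_len:
        name_type = _u8(data, pos)
        name_len = _u16(data, pos + 1)
        name = data[pos + 3:pos + 3 + name_len]
        pos += 3 + name_len
        if name_type == 0:
            return name.decode("ascii")
    return None


def observe(record):
    """What a passive on-path observer learns from one ClientHello record.

    Returns {'sni': host name or None, 'esni': True if an encrypted_server_name
    extension is present}. Only the unencrypted handshake bytes are consulted,
    which is exactly all a coffee-shop attacker has.
    """
    if len(record) < 5 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    hs = record[5:5 + _u16(record, 3)]
    if len(hs) < 4 or hs[0] != 0x01:
        raise ValueError("not a ClientHello")
    body_len = int.from_bytes(hs[1:4], "big")
    body = hs[4:4 + body_len]
    if len(body) != body_len:
        raise ValueError("truncated ClientHello")
    pos = 2 + 32                                   # skip legacy_version and random
    pos += 1 + _u8(body, pos)                      # legacy_session_id
    pos += 2 + _u16(body, pos)                     # cipher_suites
    pos += 1 + _u8(body, pos)                      # legacy_compression_methods
    result = {"sni": None, "esni": False}
    if pos + 2 > len(body):
        return result                              # no extensions block at all
    end = pos + 2 + _u16(body, pos)
    pos += 2
    while pos + 4 <= end:
        etype, elen = _u16(body, pos), _u16(body, pos + 2)
        data = body[pos + 4:pos + 4 + elen]
        pos += 4 + elen
        if etype == EXT_SERVER_NAME:
            result["sni"] = parse_server_name(data)
        elif etype == EXT_ENCRYPTED_SERVER_NAME:
            result["esni"] = True                  # ciphertext: name not recoverable
    return result


if __name__ == "__main__":
    print(observe(build_client_hello(sni="cancer.org")))
    print(observe(build_client_hello(esni_blob=bytes(48))))
```

<p>The first call reports the host name outright: nothing in the handshake protects it, which is the leak the post describes. The second reports only that an ESNI extension is present, and, as the post explains, that presence stops being a useful signal once every customer of a CDN sends it. The parser deliberately ignores everything except the extensions block, so it can be pointed at the first record of any captured TLS session, for example when checking whether a deployment really stopped emitting plaintext names.</p>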