Amazon has followed Google's example by lowering the boom on a practice called “domain fronting” that organisations like Signal use to get around government censorship.
As defined by Amazon Web Services, "Domain Fronting is when a non-standard client makes a TLS/SSL connection to a certain name, but then makes a HTTPS request for an unrelated name. For example, the TLS connection may connect to 'www.example.com' but then issue a request for 'www.example.org'."
Doing so means that if an application like Signal is blocked by government edict, domain fronting makes its traffic appear to originate somewhere legitimate.
“The idea behind domain fronting was that to block a single site, you’d have to block the rest of the internet as well. In the end, the rest of the internet didn’t like that plan,” wrote Signal founder Moxie Marlinspike, who took the time to explain the concept. His company has become the first high-profile target of a policy forbidding domain fronting that AWS announced last week.
Marlinspike also yesterday revealed Amazon's threat to kick Signal off AWS.
AWS' post said it objects to domain fronting because the domain-impersonation technique has potentially nefarious uses and is therefore a security risk.
In the message sent to Signal, the domain in question is owned by Amazon – Souq.com, a storefront for geographies like the United Arab Emirates, Egypt, Saudi Arabia, and Kuwait.
The message quotes from the AWS CloudFront terms of service: “You must own or have all necessary rights to use any domain name or SSL certificate that you use in conjunction with Amazon CloudFront”.
Signal had used Google App Engine as its domain front, but the ad giant prohibited the practice in early April. That decision led Signal to repeat the approach on AWS.
Marlinspike's post explains that merely trying to establish an encrypted connection is enough to draw a censor's beady eye: “a TLS handshake fully exposes the target hostname in plaintext, since the hostname is included in the SNI header in the clear. This remains the case even in TLS 1.3, and it gives a censor all they need.”
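To make the AWS definition above and Marlinspike's SNI point concrete, here is an added Python example (not code from the article, Signal or AWS) that builds a constructed TLS ClientHello, pulls the server_name out of it exactly as any on-path observer or CDN edge can, and reports whether it matches the HTTP Host header the client later sends; the hostnames are the placeholders from the AWS definition.

```python
import struct

def build_client_hello(sni: str) -> bytes:
    """Constructed minimal TLS 1.2 ClientHello record carrying one SNI entry (test input only)."""
    name = sni.encode()
    entry = b"\x00" + struct.pack("!H", len(name)) + name            # name_type=host_name
    sni_ext = struct.pack("!HH", 0x0000, len(entry) + 2) + struct.pack("!H", len(entry)) + entry
    body = (b"\x03\x03" + b"\x00" * 32                                 # client_version, random
            + b"\x00"                                                  # empty session id
            + b"\x00\x02\x13\x01"                                      # one cipher suite
            + b"\x01\x00"                                              # null compression only
            + struct.pack("!H", len(sni_ext)) + sni_ext)               # extensions
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body          # HandshakeType client_hello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake

def extract_sni(record: bytes):
    """Return the plaintext server_name from a ClientHello record, or None if absent/malformed."""
    try:
        if len(record) < 43 or record[0] != 0x16 or record[5] != 0x01:
            return None
        p = 44 + record[43]                                            # skip headers, random, session id
        p += 2 + struct.unpack("!H", record[p:p + 2])[0]               # skip cipher suites
        p += 1 + record[p]                                             # skip compression methods
        end = p + 2 + struct.unpack("!H", record[p:p + 2])[0]
        p += 2
        while p + 4 <= end:
            ext_type, ext_len = struct.unpack("!HH", record[p:p + 4])
            p += 4
            if ext_type == 0x0000:                                     # server_name extension
                q = p + 2                                              # skip server_name_list length
                while q + 3 <= p + ext_len:
                    name_type = record[q]
                    name_len = struct.unpack("!H", record[q + 1:q + 3])[0]
                    if name_type == 0:
                        return record[q + 3:q + 3 + name_len].decode("ascii")
                    q += 3 + name_len
            p += ext_len
    except (IndexError, struct.error, UnicodeDecodeError):
        return None
    return None

def fronting_check(record: bytes, http_host: str) -> str:
    """Compare the TLS-layer name with the HTTP-layer Host; a mismatch is what AWS calls domain fronting."""
    sni = extract_sni(record)
    if sni is None:
        return "no-sni"
    host = http_host.split(":")[0].lower()                             # drop any :port, normalise case
    return "match" if sni.lower() == host else "mismatch"
```

The "mismatch" result is the signal a CDN edge or TLS-terminating proxy uses to enforce a policy like the one AWS describes; a censor, by contrast, only ever needs the `extract_sni` half, which is Marlinspike's point.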
In response to AWS's accusation, Marlinspike said Signal isn't impersonating anybody: “Although our interpretation is ultimately not the one that matters, we don’t believe that we are violating the terms they describe: Our CloudFront distribution isn’t using the SSL certificate of any domain but our own,” and “We aren’t falsifying the origin of traffic when our clients connect to CloudFront.”
Marlinspike didn't explain what options remain for Signal, but warned that even if a workaround is possible, it won't happen fast, because Signal has only a small team.
For now, countries that want Signal blocked have their wish. ®