apt should pad its TLS connections to obscure the size of the downloaded files from network observers. Right now, an attacker could build an index of all package sizes, then track the size of HTTPS streams to Debian mirrors, and from that, be able to identify most of the packages being downloaded over HTTPS. TLSv1.3 added the possibility of padding TLS connections: https://tools.ietf.org/id/draft-ietf-tls-tls13-21.html#rfc.section.5.4 GnuTLS already supports it: https://www.gnutls.org/manual/gnutls.html#On-Record-Padding
TLS record padding does not help with that. First of all, we pipeline all our requests; secondly, we'd not be padding to the extent that this would hide things (think pad everything to 1MB); third, security updates are updated quickly, it's unlikely you'd be unable to identify them. In fact, what you want to do is identify which security updates have not been applied, and you can just track the last conversation with security.d.o for that :) So in summary, I don't think it's relevant for us. You should find out the OpenSSL API for it, GnuTLS will be on its way out next year.
Great to hear that pipelining is already in use! I guess HTTPS plus pipelining could mean that file size is no longer reliably readable for the network observer. I've never profiled TLS and pipelining to know if there are still visible signatures that would let the network observer find the borders of file downloads, so I can't personally say for sure that padding would not still be useful. I agree that padding to something like 1MB would be required to strip out all size metadata. A small amount of padding would obscure a lot of metadata since there are many packages that are close to the same size. I've also been thinking about general fingerprintability, not just detecting whether a specific security update is being applied. The general pattern of packages could be enough to identify a lot of boxes. I was thinking this was a low-hanging fruit. If it is not, and you don't want to track this, I'm fine with it being closed. OpenSSL does Record Padding also: https://www.openssl.org/docs/man1.1.1/man3/SSL_CONF_cmd.html
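The two positions in this thread (small padding already merges many similar-sized packages vs. only ~1MB padding hides anything) can be checked with a quick anonymity-set calculation. This is an added illustration, not apt code; the package names and sizes are constructed, not a real Debian index, and the padding model is simply "every download is rounded up to a multiple of the chosen granularity".

```python
from collections import defaultdict
from math import ceil

# Constructed sample index of package sizes in bytes (not real Debian data).
# Several entries are deliberately within a few hundred bytes of each other.
PACKAGE_SIZES = {
    "libfoo1": 102_344, "libfoo-dev": 102_390, "foo-utils": 48_220,
    "baz": 48_600, "quux": 3_101, "corge": 3_150,
    "bar": 1_203_511, "bar-doc": 1_198_004,
    "grault": 880_442, "qux-data": 5_420_113,
}


def pad_to(size: int, granularity: int) -> int:
    """Bytes visible on the wire if the download is padded up to a multiple of `granularity`."""
    return ceil(size / granularity) * granularity


def anonymity_sets(sizes: dict, granularity: int) -> dict:
    """Map each padded wire size to the packages an observer cannot distinguish by size."""
    groups = defaultdict(set)
    for name, size in sizes.items():
        groups[pad_to(size, granularity)].add(name)
    return dict(groups)


def uniquely_identifiable(sizes: dict, granularity: int) -> list:
    """Packages that remain the sole member of their size bucket (still fingerprintable)."""
    return sorted(name for members in anonymity_sets(sizes, granularity).values()
                  if len(members) == 1 for name in members)


def padding_overhead(sizes: dict, granularity: int) -> float:
    """Extra bytes transferred as a fraction of the unpadded total."""
    total = sum(sizes.values())
    return sum(pad_to(s, granularity) for s in sizes.values()) / total - 1


if __name__ == "__main__":
    for g in (1, 1024, 64 * 1024, 1024 * 1024):
        leaked = uniquely_identifiable(PACKAGE_SIZES, g)
        print(f"pad to {g:>8} B: {len(leaked):2d}/{len(PACKAGE_SIZES)} still unique, "
              f"overhead {padding_overhead(PACKAGE_SIZES, g):.1%}")
```

On this constructed index, 1 KiB padding already merges three pairs of near-identical packages, while the outliers stay identifiable until padding reaches the megabyte range, which is the trade-off both replies are describing.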