[0xxon]

Most clients nowadays sent the "server name indication" (SNI) TLS extension though, which contains the name of the site you are connecting to.

The extension is sent unencrypted, even when using TLS 1.3. So everyone sniffing the traffic can tell where you are surfing to, even without DNS.

[tedunangst]

I don't think many people know this, or at least never think about it. "https means encrypted, that means secret."

[MertsA]

And in order to support clients that don't support SNI, you need to have one domain per IP address so an attacker can just try and connect to that IP and then look at the SSL cert that's sent back to get the domain name.

[pixl97]

>And in order to support clients that don't support SNI

There is little reason to support clients that do not support SNI. By supporting those clients you are likely putting your entire encrypted infrastructure at risk. SSL3 should be disabled by now. XP clients are legacy and should be taken out back and shot. Older mobile phones are enormous security risks.