One case where it might help is shared hosting: you don't know which of the domains hosted on that IP you're accessing. Narrows it down to just a few though, so IMHO not a big improvement.
> One case where it might help is shared hosting: you don't know which of the domains hosted on that IP you're accessing.
That depends on your level of access/monitoring: if it's just a firewall log that shows source/destination IP, then yes - but as soon as you have any kind of packet monitoring, then the domain can be easily sniffed from the SNI header.
You'll need to mask page size if your trying to hide your access, even on a shared host with 100 domains I doubt you'll have pages where the byte-size isn't unique.
I think with https the results were something like 90% of page access could be guessed using meta-data (see eg https://web.archive.org/web/20090308103611/http://sysd.org/s...). That's going to drop when you don't know the site but you're going to need more counter-measures to hide your access effectively.
That depends on your level of access/monitoring: if it's just a firewall log that shows source/destination IP, then yes - but as soon as you have any kind of packet monitoring, then the domain can be easily sniffed from the SNI header.