by willglynn 2864 days ago
TLS 1.3 still has SNI. SNI still transmits server names in the clear, just like always. This enables e.g. blocking a specific hostname without blocking an entire CDN, particularly now that CDNs are trying to stop domain fronting.

Some people were working on encrypted SNI during TLS 1.3's development, so that TLS could encrypt server names sort of like how it encrypts all later traffic. Encrypted SNI didn't make it into TLS 1.3.