|
|
|
|
|
|
by yardstick
2623 days ago
|
|
|
IP level is too coarse grained to block sites hosted on Cloudflare etc which host sites you also wish to allow access to. SNI filtering is a reasonable middle ground - it has its flaws but nowhere near invasive as full MITM filtering yet achieves most of the filtering objectives of the organisation. Ie it is “good enough”. Sadly ESNI may be the end of usefulness of this approach. |
|
|