[zimbatm]

ISPs can sniff the hostname from the HTTPS Server Name Indicator (SNI) headers because they are transmitted in clear.

The next step will be to deploy the TLS 1.3 Encrypted Server Name Indicator (ESNI)[1].

[1]: https://tools.ietf.org/html/draft-ietf-tls-esni-03