by yorwba 2127 days ago
According to https://www.zdnet.com/article/china-is-now-blocking-all-encr... only the combination of TLS 1.3 with ESNI (encrypted server name identification) is blocked completely. If you use TLS 1.3 with unencrypted server names, the Great Firewall can decide whether to allow a connection or not based on the website you want to visit, but with ESNI, fine-grained blocking becomes impossible.

So yes, TLS 1.2 and TLS 1.3 without ESNI are revealing metadata about the sites you visit, even though the connection itself is encrypted.

1 comment

It was not clear to me that it was specifically the combination with ESNI that was being blocked.
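
What the thread describes, seen from an on-path observer's side, as an added example that is not part of either comment: a parser that reads a TLS ClientHello and reports the plaintext server name, or only the presence of an Encrypted SNI extension. The function names and the sample messages are constructed for illustration; `0xffce` is the extension codepoint used by the draft-ietf-tls-esni drafts.

```python
import struct

SNI_EXT = 0x0000    # server_name extension (RFC 6066), sent in the clear
ESNI_EXT = 0xFFCE   # encrypted_server_name, draft-ietf-tls-esni codepoint

def build_client_hello(ext_list):
    """Constructed sample: a minimal ClientHello handshake message."""
    exts = b"".join(struct.pack("!HH", t, len(d)) + d for t, d in ext_list)
    body = (b"\x03\x03" + bytes(32)       # legacy_version, random
            + b"\x00"                     # empty session id
            + b"\x00\x02\x13\x01"         # one cipher suite
            + b"\x01\x00"                 # null compression
            + struct.pack("!H", len(exts)) + exts)
    return b"\x01" + len(body).to_bytes(3, "big") + body

def sni_ext(hostname):
    """Encode a server_name extension carrying one host_name entry."""
    name = hostname.encode("ascii")
    entry = b"\x00" + struct.pack("!H", len(name)) + name
    return (SNI_EXT, struct.pack("!H", len(entry)) + entry)

def inspect_client_hello(msg):
    """Return (plaintext_sni_or_None, esni_present) for a handshake message."""
    try:
        if msg[0] != 0x01:
            raise ValueError("not a ClientHello")
        end = 4 + int.from_bytes(msg[1:4], "big")
        pos = 4 + 2 + 32                                  # header, version, random
        pos += 1 + msg[pos]                               # session id
        pos += 2 + struct.unpack_from("!H", msg, pos)[0]  # cipher suites
        pos += 1 + msg[pos]                               # compression methods
        sni, esni = None, False
        if pos + 2 > end:
            return sni, esni                              # no extensions block
        ext_end = min(end, pos + 2 + struct.unpack_from("!H", msg, pos)[0])
        pos += 2
        while pos + 4 <= ext_end:
            etype, elen = struct.unpack_from("!HH", msg, pos)
            data = msg[pos + 4:pos + 4 + elen]
            pos += 4 + elen
            if etype == SNI_EXT and len(data) >= 5 and data[2] == 0:
                nlen = struct.unpack_from("!H", data, 3)[0]
                sni = data[5:5 + nlen].decode("ascii", "replace")
            elif etype == ESNI_EXT:
                esni = True                               # payload is opaque
        return sni, esni
    except (IndexError, struct.error):
        raise ValueError("truncated ClientHello")
```
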