Y
Hacker News
new
|
ask
|
show
|
jobs
by
commandlinefan
2082 days ago
We have SNI because it's needed to support virtual hosting, which we really only need because IPv4 addresses are scarce. If we could ever get to IPv6, SNI could be retired completely.
2 comments
occamrazor
2082 days ago
True, but then IP based blocking would be highly effective.
link
mindslight
2082 days ago
Sure, but the security vulnerability of unencrypted SNI is still present with IP based vhosts - the destination IP precisely identifies the site.
link