Y
Hacker News
new
|
ask
|
show
|
jobs
by
mumblemumble
2087 days ago
SNI doesn't encrypt the desired hostname in the payload of the initial connection. It's still plainly visible to an eavesdropper. They can also observe un-encrypted DNS lookups.
1 comments
skissane
2087 days ago
eSNI is going to fix that
https://tools.ietf.org/html/draft-ietf-tls-esni-07
link
https://tools.ietf.org/html/draft-ietf-tls-esni-07