by judge2020 1524 days ago
> don’t _appear_ to be snooping on me in any meaningful way.

SNI is cleartext enough to be passively logged, so you never know. Maybe some government-mandated (or supplied) switch is logging them to some short-lived log file in case they ever need to pull your hostname history.

Note that SNI sniffing protection is in the works by encrypting the client hello[0]. While it's been in draft for some years now, Chrome has a lot of work being put into it[1], so hopefully it'll be done sometime next year with support within Cloudflare and browsers soon after.

0: https://datatracker.ietf.org/doc/draft-ietf-tls-esni/?includ...

1: https://bugs.chromium.org/p/chromium/issues/detail?id=109140... (comment 20 onwards)