Y
Hacker News
new
|
ask
|
show
|
jobs
by
Snawoot
965 days ago
TLS 1.3 encrypts server certificate, so it will not be possible to filter such connections out using just passive inspection.
1 comments
darkarmani
964 days ago
Instead of a pihole, you'd run a https proxy that doesn't trust the certs i guess.
link
Snawoot
954 days ago
Which https proxy you're referring to? HTTP proxies capable of forwarding HTTPS just offer HTTP CONNECT method, which allows client to tunnel regular TCP connection and HTTPS inside it. These proxies do not do anything with certificates.
link