Y
Hacker News
new
|
ask
|
show
|
jobs
by
szmarczak
111 days ago
I am talking about TLS fingerprinting, not JS fingerprinting.
> Please elaborate how else TLS fingerprinting can be done.
By doing everything as it is right now?
1 comments
hzwanip
111 days ago
How would you (an arbitrary web server) fingerprint a TLS connection if the Client Hello is encrypted?
link
conradludgate
111 days ago
The website owner (or cloudflare in this case) has the keys to decrypt the client hello. That's necessary for routing information.
link
hzwanip
111 days ago
You're right, sorry! I got confused myself.
link
szmarczak
111 days ago
By decrypting it? I don't think you know how TLS, or E2E works in general. ISP doesn't perform the fingerprinting, the server does.
link
hzwanip
111 days ago
Of course! My bad, thanks for engaging.
link