Y
Hacker News
new
|
ask
|
show
|
jobs
by
icebraining
4704 days ago
Nope, the domain is always visible on HTTPS, due to SNI. They can just block it.
1 comments
mrweasel
4704 days ago
Older Win XP machines doesn't support SNI, so you could get around it with an older machine. Of cause that's a problem that will go away over time.
link
icebraining
4704 days ago
To connect to an HTTPS site without SNI, the IP can only host a single domain, so they can just block the whole (IP:443) combination without affecting any other site.
link
cmircea
4704 days ago
What if the IP is dynamic? Say an Azure Cloud Service.
link
mpyne
4704 days ago
I think the problem is that you'd need a different X.509 certificate for TLS, for each and every single IP.
link
cmircea
4704 days ago
The certificate is issued for the domain, not the IP.
link