Y
Hacker News
new
|
ask
|
show
|
jobs
by
icebraining
4224 days ago
And even without SNI (e.g. IE on XP), there must be only one SSL site hosted on that particular IP, so the attacker can just connect to it and see what site (s)he gets.