L4sBot@lemmy.worldMB to Technology@lemmy.worldEnglish · 1 year agoMan Found Guilty of Child Porn, Because He Ran a Tor Exit Nodelowendbox.comexternal-linkmessage-square51fedilinkarrow-up1323arrow-down17file-textcross-posted to: [email protected][email protected][email protected][email protected]
arrow-up1316arrow-down1external-linkMan Found Guilty of Child Porn, Because He Ran a Tor Exit Nodelowendbox.comL4sBot@lemmy.worldMB to Technology@lemmy.worldEnglish · 1 year agomessage-square51fedilinkfile-textcross-posted to: [email protected][email protected][email protected][email protected]
minus-squarebeatlelinkfedilinkEnglisharrow-up8·1 year ago The Server Name Identification (SNI) standard means that the hostname may not be encrypted if you’re using TLS. Also, whether you’re using SNI or not, the TCP and IP headers are never encrypted. (If they were, your packets would not be routable.) https://stackoverflow.com/questions/187655/are-https-headers-encrypted#187679
minus-squaresloppy_diffuser@sh.itjust.workslinkfedilinkEnglisharrow-up3·1 year agoThere is work to hopefully improve this situation for SNI at least: https://datatracker.ietf.org/doc/draft-ietf-tls-esni/.
minus-squareFindmysec@infosec.publinkfedilinkEnglisharrow-up1·6 months agoAs it turns out, eSNI (to take that forward, eCH) has become common in modern browsers with a supported DNS provider
https://stackoverflow.com/questions/187655/are-https-headers-encrypted#187679
There is work to hopefully improve this situation for SNI at least: https://datatracker.ietf.org/doc/draft-ietf-tls-esni/.
As it turns out, eSNI (to take that forward, eCH) has become common in modern browsers with a supported DNS provider