badssl.com icon indicating copy to clipboard operation
badssl.com copied to clipboard

Published 20 hours ago verified publisher icon chromium

Encrypted SNI?

Open lgarron opened this issue 7 years ago • 3 comments

Encrypted SNI might become a thing!

It might be possible to handle this in nginx, although a separate port/IP would probably the most practical.

lgarron avatar Jul 15 '18 20:07 lgarron

Interesting related refs:

https://datatracker.ietf.org/doc/draft-ietf-tls-sni-encryption/ https://tools.ietf.org/html/draft-rescorla-tls-esni https://www.ietf.org/proceedings/94/slides/slides-94-tls-8.pdf https://news.ycombinator.com/item?id=16565368 https://huitema.wordpress.com/2017/09/12/cracking-the-sni-encryption-nut/

roycewilliams avatar Jul 15 '18 21:07 roycewilliams

It already became a thing with Firefox nightly, is it happening in Chromium ?

Looks like it got bug tracker few days ago - https://crbug.com/908132

uBlock-user avatar Nov 30 '18 07:11 uBlock-user

Looks like the crbug now has an about:flags entry for ECH (the evolution of eSNI): https://crbug.com/1091403#c36 and I have the option turned on in canary. However, ECH is still an evolving standard, so perhaps it would be more beneficial to wait for the RFC.

judge2020 avatar Jun 20 '22 03:06 judge2020