On Sat, Aug 21, 2021 at 10:28:04AM +0200, Wouter Verhelst wrote: > On Thu, Aug 19, 2021 at 10:11:33PM +0000, Jeremy Stanley wrote: > > On 2021-08-19 16:37:13 -0400 (-0400), Kyle Edwards wrote: > > > On 8/19/21 3:46 PM, Simon Richter wrote: > > > > For the most part, users would configure https if they are behind a > > > > corporate firewall that disallows http, or modifies data in-flight so > > > > signature verification fails, everyone else is better off using plain > > > > http. > > > > > > Or they might configure https on the sheer principle of not wanting to > > > have > > > their traffic hoovered up by their ISP or anyone else who might be > > > listening. > > > > While this does complicate it, a snooping party can still know the > > site they're connecting to via SNI happening unencrypted, > > SNI is not unencrypted if you do TLS1.3... > It is, though... ECH (née ESNI) https://datatracker.ietf.org/doc/draft-ietf-tls-esni/ is still WIP.
Cheers, Julien
