Jeremy Stanley <fu...@yuggoth.org> writes: > While this does complicate it, a snooping party can still know the > site they're connecting to via SNI happening unencrypted,
I believe this can be fixed with TLS 1.3? > and packet sizes/pacing likely give away which pages or files are > being retrieved based on their length. Yes, probably looking into territory where you'd not want to directly access any public service at all here.. > And that's not even getting into > how "trusted" certificate authorities give away certificates for any > hostname if your MitM knows the right people, Debian is among the few who publish TLSA records (DANE). Which is still pretty useless for normal web srvices since the major browser vendors refuse to support it. But TLSA validation could easily be implemented in apt-transport-https. Maybe it is? That would prevent this problem. > and CDNs are now in > the business of snooping on everyone's traffic for sites where they > handle SSL/TLS termination. HTTPS as deployed on the open Internet > is a sip of security with several gulps of theater. Not much to do if you don't trust your own servers, whether they are CDN frontends or whatever. Bjørn
