Today Cloudflare added more information that Firefox has already added
the support for ESNI in Nightly.
https://blog.cloudflare.com/encrypt-that-sni-firefox-edition/
Looks like ssl_bump is going to break once ESNI and Encrypted DNS are
universal. (Ofcourse it may be few years away)
Probably only way out to detect the domain name would be by implementing
CONNECT proxy instead of transparent one.
I am happy with complete encryption all over but its going to be more
and more difficult to convince bosses!! :D
Regards,
Amish.
On 19/10/18 11:26 AM, Eliezer Croitoru wrote:
I have seen this post and I was wondering, is this the next step of
SSL encryption?
Eliezer
-------- Original Message --------
Subject: Fwd: Encrypted SNI
Date: 2018-10-03 20:40
From: Владислав Толмачев <tolmachev.v...@gmail.com>
To: ng...@nginx.org
Reply-To: ng...@nginx.org
When nginx will emplemented Encrypted SNI support?
Cloudflare already do this,
https://www.cloudflare.com/ssl/encrypted-sni/
_______________________________________________
nginx mailing list
ng...@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users