On Sun, 12 Jan 2020, Nico Schottelius wrote: > > Good morning, > > I was wondering what you think about SNI (server name indication) > support to OpenSSH? I think SNI would be problematic because (until very recently) it requires that clients advertise which host they'd like to connect to in the clear. However, ESNI[1] (encrypted SNI) is nearing standardisation and it might be possible to adapt that protocol for SSH. I'd rather follow something that has had lots of cryptographic review than cook up something for SSH alone. -d [1] https://tools.ietf.org/html/draft-ietf-tls-esni-05 _______________________________________________ openssh-unix-dev mailing list openssh-unix-dev@xxxxxxxxxxx https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
