Today Cloudflare added more information that Firefox has already added
the support for ESNI in Nightly.
https://blog.cloudflare.com/encrypt-that-sni-firefox-edition/
Looks like ssl_bump is going to break once ESNI and Encrypted DNS are
universal. (Ofcourse it may be few years away)
Probably only way out to detect the domain name would be by implementing
CONNECT proxy instead of transparent one.
I am happy with complete encryption all over but its going to be more
and more difficult to convince bosses!! :D
Regards,
Amish.
On 19/10/18 11:26 AM, Eliezer Croitoru wrote:
I have seen this post and I was wondering, is this the next step of
SSL encryption?
Eliezer
-------- Original Message --------
Subject: Fwd: Encrypted SNI
Date: 2018-10-03 20:40
From: Владислав Толмачев <tolmachev.vlad@xxxxxxxxx>
To: nginx@xxxxxxxxx
Reply-To: nginx@xxxxxxxxx
When nginx will emplemented Encrypted SNI support?
Cloudflare already do this,
https://www.cloudflare.com/ssl/encrypted-sni/
_______________________________________________
nginx mailing list
nginx@xxxxxxxxx
http://mailman.nginx.org/mailman/listinfo/nginx
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
