[squid-users] R: Is this the next step of SSL encryption? Fwd: Encrypted SNI

Eliezer Croitoru eliezer at ngtech.co.il
Sat Oct 20 22:25:38 UTC 2018 

I believe that eventually some of these features would be targeted by 
the overall security community.
Security from one hand has encryption as a tool but it was already 
proven that obscurity is not really security.
In fact until now from what I know many of the more sane clients in the 
private and the public sector prefer to be able to cope with specific 
issues directly and not hide them.
Like in the hardware world complex functions were embedded into 
different types of CPU's or PU's and the large sector wants and needs 
it,
the Internet clients and users already understands that they want to be 
able to have some control either by a proxy service provider or by other 
means.
Just the other day I entered a "secured" site which is under the trust 
of a well know RootCA and what I got was a bunch of pop ups with exactly 
the things I want and need ie:
- Women underwear (with a demo how the body looks with and without the 
underwear) Whaaaat? yes I do not have an issue with that but Whaaat? I'm 
a man I need a working man shirts for work..
- The best Porn addiction solution. I am most of the day work with CLI 
or a text editor or System administration utilities.
- How to operate a specific software which I have never heard about.
....

It's nice to have some laugh while working but my co-worker (a women) 
didn't liked the idea and I agree with her.

And nothing less then that, CloudFlare was hosting or proxying to these 
sites acting as a frontend.


Thanks All,
Eliezer


On 2018-10-21 00:57, Alex Rousskov wrote:
> On 10/20/18 12:00 AM, Troiano Alessio wrote:
> 
>> Also if client will use ESNI, the server should response with a 
>> certificate that will be in clear
> 
> Starting with TLS v1.3, the server certificate is encrypted.
> 
> Alex.
> _______________________________________________
> squid-users mailing list
> squid-users at lists.squid-cache.org
> http://lists.squid-cache.org/listinfo/squid-users

-- 
----
Eliezer Croitoru
Linux System Administrator
Mobile: +972-5-28704261
Email: eliezer at ngtech.co.il

More information about the squid-users mailing list