[squid-users] Is this the next step of SSL encryption? Fwd: Encrypted SNI
Amish
anon.amish at gmail.com
Fri Oct 19 08:01:42 UTC 2018
Today Cloudflare added more information that Firefox has already added
the support for ESNI in Nightly.
https://blog.cloudflare.com/encrypt-that-sni-firefox-edition/
Looks like ssl_bump is going to break once ESNI and Encrypted DNS are
universal. (Ofcourse it may be few years away)
Probably only way out to detect the domain name would be by implementing
CONNECT proxy instead of transparent one.
I am happy with complete encryption all over but its going to be more
and more difficult to convince bosses!! :D
Regards,
Amish.
On 19/10/18 11:26 AM, Eliezer Croitoru wrote:
> I have seen this post and I was wondering, is this the next step of
> SSL encryption?
>
> Eliezer
>
> -------- Original Message --------
> Subject: Fwd: Encrypted SNI
> Date: 2018-10-03 20:40
> From: Владислав Толмачев <tolmachev.vlad at gmail.com>
> To: nginx at nginx.org
> Reply-To: nginx at nginx.org
>
> When nginx will emplemented Encrypted SNI support?
> Cloudflare already do this,
> https://www.cloudflare.com/ssl/encrypted-sni/
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
More information about the squid-users
mailing list