Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Vladimir
Champion
Champion

What are the implications of the Encrypted SNI During TLS Negotation?

The SNI has been a major pain for HTTPS inspection for quite a while and I was told that CP is working on it.

Today I am seeing the article about CloudFlare implementing Encrypted SNI During TLS Negotation:

Cloudflare Improves Privacy by Encrypting the SNI During TLS Negotation 

Can anyone chime in on how this will impact our ability to use HTTPS inspection?

2 Replies
PhoneBoy
Admin
Admin

I don't see this having a lot of impact initially, given that browsers will also need to support this and the spec is draft.

It will definitely be something we have to track going forward.

I can see this being problematic in situations where HTTPS Categorization is done, where SNI is the only way you can figure out what service the end user is truly accessing. 

Vladimir
Champion
Champion

Well, it did not take long for this to move from theoretical to practical issues:

https://blog.mozilla.org/security/2018/10/18/encrypted-sni-comes-to-firefox-nightly/ 

Firefox now supports encrypted SNI.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events