https - hopefully not too stupid a question

Chris Edwards chris-ukcrypto at
Sun Jun 17 15:38:20 BST 2012

On Sun, 17 Jun 2012, Roland Perry wrote:

> In article <4FDDE873.8020906 at>, Peter Fairbrother
> <zenadsl6186 at> writes
> > 
> > The URL is (or should be) encrypted if there is a "s" in the http(s) part.
> So all the connectivity ISP knows is the IP address of the https server, which
> is back to the situation under RIPA 21(6).

Modern browsers send the hostname (ie. upto first single slash) 
in the clear, in order to facilities named-based virtual hosting
for https.  See:

Often, this is not hugely different from simply knowing the IP address of 
the server.  But in some cases, knowing the service name may make it 
slightly easier to know what's being accessed.

More information about the ukcrypto mailing list