https - hopefully not too stupid a question
Ben Laurie
ben at links.org
Mon Jun 18 15:55:43 BST 2012
On Mon, Jun 18, 2012 at 2:19 PM, Chris Edwards
<chris-ukcrypto at lists.skipnote.org> wrote:
> On Sun, 17 Jun 2012, Ben Laurie wrote:
>
>> Marsh Ray has a proposal to encrypt extensions. Unfortunately the
>> version that encrypts SNI takes an extra round trip.
>>
>> http://tools.ietf.org/html/draft-ray-tls-encrypted-handshake-00
>
> Interesting - thanks for that.
>
> When looking into https recently, I was a little surprised to discover
> this stuff wasn't already encrypted.
>
> But there you go.
Indeed. Should be noted that its not really possible to protect SNI
fully - a mitm would still be able to see it.
More information about the ukcrypto
mailing list