this post was submitted on 29 Jan 2024
1 points (100.0% liked)

Privacy

4016 readers
23 users here now

A community for Lemmy users interested in privacy

Rules:

  1. Be civil
  2. No spam posting
  3. Keep posts on-topic
  4. No trolling

founded 1 year ago
MODERATORS
[email protected]
1
Is it true that only the website name is visible to ISPs? (lemmy.world)
submitted 7 months ago by [email protected] to c/[email protected]
1 comments fedilink hide all child comments
 

I've heard this is true for https, but I'm unsure.

top 1 comments
sorted by: hot top controversial new old
[–] [email protected] 1 points 7 months ago

Yes, https hides most things but leaks the sni (server name indicator. We came up with a solution called esni (encrypted sni), but that also had issues. It didn't have much adoption before esni got replaced with ech (encrypted hello). Cloudflare actually has a neat website to check if your browser is supporting ech.

You can learn more about it here, it's pretty cool! https://blog.cloudflare.com/handshake-encryption-endgame-an-ech-update/