home bbs files messages ]

Forums before death by AOL, social media and spammers... "We can't have nice things"

   comp.misc      General topics about computers not cover      21,759 messages   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]

   Message 20,366 of 21,759   
   Lawrence D'Oliveiro to Grant Taylor   
   Re: [LINK] Calling time on DNSSEC?   
   04 Dec 24 05:49:44   
   
   From: ldo@nz.invalid   
      
   On Tue, 3 Dec 2024 22:51:00 -0600, Grant Taylor wrote:   
      
   > On 12/3/24 20:02, Lawrence D'Oliveiro wrote:   
   >   
   >> That requires a separate protocol on top of TLS.   
   >   
   > My understanding is that ESNI is part of TLS.   
      
   It can’t be. TLS cannot start encryption on HTTP until it gets a cert that   
   identifies the server. That cert depends on the domain name. Which comes   
   from the “Host:” header line from the client. Which is why that cannot be   
   sent encrypted.   
      
   --- SoupGate-DOS v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)   

[   << oldest   |   < older   |   list   |   newer >   |   newest >>   ]


(c) 1994,  bbs@darkrealms.ca