-
Type:
Enhancement
-
Resolution: Unresolved
-
Priority:
P4
-
None
-
Affects Version/s: None
-
Component/s: security-libs
-
None
An internet draft is gaining traction to make TLSv1.3 Client Hellos encrypted.
https://datatracker.ietf.org/doc/draft-ietf-tls-esni/
https://blog.cloudflare.com/encrypted-client-hello/
https://blog.cloudflare.com/encrypted-sni/
There seems to be lots of interest in this enhancement, as it solves some of the TLSv1.3 confidentiality issues by having fields such as SNI/ALPN no longer communicated in the clear.
We should add support for this when it has been issued as an RFC.
https://datatracker.ietf.org/doc/draft-ietf-tls-esni/
https://blog.cloudflare.com/encrypted-client-hello/
https://blog.cloudflare.com/encrypted-sni/
There seems to be lots of interest in this enhancement, as it solves some of the TLSv1.3 confidentiality issues by having fields such as SNI/ALPN no longer communicated in the clear.
We should add support for this when it has been issued as an RFC.
- relates to
-
-
- Closed
-