But such an attacker would need to know that the content was downloaded from the... | Hacker News

HN2new | past | comments | ask | show | jobs | submit

		fungizid on Sept 22, 2020 \| parent \| context \| favorite \| on: The Kivaloo Data Store But such an attacker would need to know that the content was downloaded from the Tarsnap website, right? If TLS is configured with Encrypted SNI, the handshake no longer reveals server information and thereby TLS does add privacy. (However, Encrypted SNI is not widely adopted yet.)

cperciva on Sept 22, 2020 [–]

The IP address alone will tell you that they're accessing the Tarsnap website.

fungizid on Sept 22, 2020 | [–]

I had a wrong understanding of what Encrypted SNI does and does not do. Thank you for the response.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact