A draft for ESNI has been published, which encrpyts the server_name and replaces it with encrypted_server_name, I believe without this feature all the TLSv1.3 handshakes with ESNI enabled will give blank for server_name, which makes it hard to determine which virtual host the traffic is intended for.
A draft for ESNI has been published, which encrpyts the
server_name
and replaces it withencrypted_server_name
, I believe without this feature all the TLSv1.3 handshakes with ESNI enabled will give blank forserver_name
, which makes it hard to determine which virtual host the traffic is intended for.