False dichotomy with SNI vs IP blocking ... SNI is a lie

echdeploy / draft-ech-deployment-considerations

IETF draft describing TLS ECH deployment considerations

Other

4 stars 1 forks source link

False dichotomy with SNI vs IP blocking ... SNI is a lie #43

Open taddhar opened 1 year ago

taddhar commented 1 year ago

IETF 115 side meeting:

"Tommy J File (technical) issues on Github, needs to happen to have an impact False dichotomy between encrypting SNI and blocking things. IP-based reputation is a well-established option to help detect problematic traffic without needing to decrypt. The SNI is a lie (ie is falsified)"

taddhar commented 1 year ago

This one relates to other issues: #61 #42 #33 #32

this is the big topic for -06