this post was submitted on 29 Jan 2024
14 points (100.0% liked)

Privacy

4211 readers
31 users here now

A community for Lemmy users interested in privacy

Rules:

  1. Be civil
  2. No spam posting
  3. Keep posts on-topic
  4. No trolling

founded 1 year ago
MODERATORS
iopq@lemmy.world
14
Is it true that only the website name is visible to ISPs? (lemmy.world)
submitted 9 months ago by FlickeringScreens@lemmy.world to c/privacy@lemmy.world
5 comments fedilink hide all child comments
 

I've heard this is true for https, but I'm unsure.

you are viewing a single comment's thread
view the rest of the comments
[โ€“] moon@lemmy.cafe 9 points 9 months ago (1 children)

Yes, https hides most things but leaks the sni (server name indicator. We came up with a solution called esni (encrypted sni), but that also had issues. It didn't have much adoption before esni got replaced with ech (encrypted hello). Cloudflare actually has a neat website to check if your browser is supporting ech.

You can learn more about it here, it's pretty cool! https://blog.cloudflare.com/handshake-encryption-endgame-an-ech-update/

[โ€“] iopq@lemmy.world 1 points 9 months ago

Yeah, but DoH is blocked in China and Firefox doesn't enable them separately

It seems like I should be able to use ECH and dnscrypt together, for example

https://bugzilla.mozilla.org/show_bug.cgi?id=1500289