Some toots ago, I spoke about doing this neat PROXY protocol thing for many hosts at the same time based on what @beasts does.

I finally wrote an article on how to achieve it: https://ryan.lahfa.xyz/en/one-trick-to-build-a-tls-enabled-empire-with-only-one-legacy-ip.html

It is running in production on this very server with success! (and many others!!)

#nixos #ipv6 #sni

@wxcafe I think that with @0x2ba22e11' suggested actual use of port numbers, I might be inclined to agree.

Currently the inability to reach a lot of servers directly because they rely on #SNI to route requests properly is a problem that lends itself to #DNS-level censorship & blocking.

Technically #EncryptedSNI mitigates that but... barely anyone uses it and that requires using tunneling over #TLS.

I still think #petnames with direct reachability are superior & simpler though.

@tdp_org How many of those get 4xx/5xx response codes? I've seen that for some sites the non-SNI traffic has a high portion of errors.

Over half of our customer configurations with virtual IPs now see 99.9977% of requests arrive with a valid SNI. Some sites are far below that, and I do see the same thing that it is usually bots and custom clients/scripts that don't send #SNI. It's great that #TLS SNI-only is now viable for the vast majority of HTTPS use-cases.

@GossiTheDog @tdp_org To test a thumbnailer or search bot for #SNI support, https://check-tls.akamaized.net is a useful tool since it returns stats on how it was connected to. (Sorry, no #TLS 1.3 there yet.)

TLS - Wyciek informacji przez rozszerzenie Server Name Indication (SNI) ( https://nfsec.pl/security/6025 ) #ssl #tls #sni #security #twittermigration

Y seguimos sin el correo del #sni para firma de convenios

Zapalmy flarę nad CloudFlare ( https://nfsec.pl/pentest/5878 ) #ssl #sni #san #nginx #information_retrieval #twittermigration

Sardigna Natzione Indipendèntzia - #SNI ha continuato a mantenere il proprio castello identitario con la linea indipendentista.

Parteciperà alla creazione di un percorso politico assieme al Fronte Indipendentista e a Progetu Repùblica chiamato Alternativa Natzionale, ma diversi mesi dopo confluirà in Autodeterminatzione - #ADN assieme ad altre sigle indipendentiste (fra cui la neonata #LibeRU ed i resti di #IRS) ed autonomiste per partecipare alle elezioni regionali del 2019.

Il y a deux moyens, pour un espion, de savoir quel service
visite un utilisateur sur l'Internet, MÊME EN CAS DE CHIFFREMENT PAR #TLS : le DNS et #SNI, le Server Name Indication, qui est transmis par TLS en clair.

Pour le DNS, on s'occupe de boucher ce trou. Mais pour le SNI ? Le chiffrer ? Mais justement, le serveur TLS en a besoin avant de commencer à chiffrer.

Bref, un problème difficile, pas encore résolu. On a un cahier des charges du problème, le #RFC 8744 https://www.bortzmeyer.org/8744.html

Registro Opsu- SNI 2020.
PASO A PASO

Querido estudiante antes de llenar el Registro debes tener claro que Carreras Universitarias quieres estudiar y qué Universidad la ofrece

1️⃣ *Ingresa a:* http://ingreso.opsu.gob.ve

2️⃣ *Haz Click en:* Aspirante.

El procedimiento completo lo puede observar en el siguiente enlace:

https://m.facebook.com/story.php?story_fbid=10158388645622290&id=774512289

#Opsu #sni

Equipo de Opsu Amazonas con apoyo del MinCyT Fundacite se mantiene activo brindando apoyo a docentes de educación media en el proceso de registro de estudiantes al Sistema Nacional de Ingreso Universitario
#SNI #Opsu

@Nicolas_Maduro
@GobAmazonas

Comment activer le chiffrement SNI (encrypted SNI) ? – Korben
https://korben.info/comment-activer-le-chiffrement-sni-encrypted-sni.html

#privacy #dns #sni — https://links.kalvn.net/?CD0vzw

Encrypted #SNI sounds like it fixes a long-standing weakness in SNI. This is really interesting. #mozilla, #security #https

I once asked a candidate if they knew what SNI was. He replied that it was the thing that let him know what web sites people were going to even though they were using https. Correct answer I suppose.

https://blog.mozilla.org/security/2018/10/18/encrypted-sni-comes-to-firefox-nightly/