TLS Encrypted Client Hello (formerly ESNI) Enters Draft Status

72 points by loyukfai, almost 5 years ago

4 comments

tialaramex, almost 5 years ago
This is a puzzling submission. On the 1st of June an updated eSNI draft, draft-ietf-tls-esni-07 was published with a new name reflecting the approach of encrypting more of the Client Hello rather than just SNI, but "draft status" isn't a thing, except in the sense that a draft either exists or does not, and this one exists.

This Internet Draft was formally adopted by the TLS working group in 2018.

If you have valuable technical input for this work, or indeed any of TLS, you should subscribe to the TLS working group, familiarise yourself with the culture and pitch in - but there doesn't seem to be any particular reason it's more relevant to Hacker News today than last week or next month.

dweekly, almost 5 years ago
Posted 9 days ago: https://news.ycombinator.com/item?id=23430934

BoringSSL ticket for implementation: https://bugs.chromium.org/p/boringssl/issues/detail?id=275

Chromium ticket, blocked on above: https://bugs.chromium.org/p/chromium/issues/detail?id=1091403

opqpo, almost 5 years ago
If we trust DNS to publish the SNI public keys, why don't we trust it for the website certificate in the first place?

pwdisswordfish2, almost 5 years ago
As a user, I will continue to favour websites that do not use shared hosting. They do not require SNI.

SNI is an interesting experiment. One could argue it benefits users because it has made it less expensive for websites to provide TLS, and therefore there has been more use of TLS, however at the same time it takes users a step back in terms of privacy. Before SNI, SSL/TLS websites never leaked hostnames. Even a user who is using "encrypted DNS" (not the DNScurve kind) or who is not even using DNS at all (she already has the server IP address) ends up leaking hostnames when she accesses websites requiring SNI. That's all of Cloudflare and many other hosting providers/CDNs. The whole exercise makes it trivially easy to track the usage habits of users by sniffing the plaintext TLS setup traffic. Whatever was gained by using SNI to achieve virtual hosting for TLS must be offset by the amount of user privacy sacrificed.

Not surprising one of the sponsors of this draft is an enormous user of SNI in its hosting business.

ESNI is a noble idea however it is riddled with complexity. As a user concerned about leaking hostnames, nothing beats a good old-fashioned TLS website on a dedicated IP address. There are still plenty of those around.