But since there’s no ability to share IPs between different sites without SNI, haven’t you just made things easier for censors/snoops? Instead of having to sessionize TCP and decode TLS, they can get everything they need with stateless L3 monitoring.
