Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
jacooper
9 months ago
|
parent
|
context
|
favorite
| on:
Encrypted Client Hello
This wouldn't be possible with dnssec right?
Anunayj
9 months ago
[–]
Yes, however it defeats one of the main point of ECH, that is encrypting the SNI. Since the domain is leaked in plaintext DNS.
jacooper
9 months ago
|
parent
[–]
Why? You can just use DNS-over-TLS/HTTPS + dnssec + ECH + TLSv1.3 and then you should have a unblockable website(outside of IP address bans).
Anunayj
8 months ago
|
root
|
parent
[–]
Ah yes, sorry I thought you meant can't we just use plaintext DNS + DNSSEC.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search: