Is there a practicable way to amend TLS so it doesn’t leak domain names to a passive listener?
Yes, but I’m talking strictly about TLS, because with DNS you can mitigate by caching or tunneling the lookups.
Then you're fine because in the main you're talking to Akamai, who are used by everybody ;-)
Also if you cache or tunnel your DNS lookups you'll wind up talking to edge servers in Russia, which, you know
Not without adding additional round-trips to the protocol, and would still be vulnerable to active MitM.