"Proxy Certificates: The Missing Link in the Web’s Chain of Trust"
- https://arxiv.org/pdf/1906.10775.pdf …
cc @jedisct1
Also I’m not sure what point you are referring to, but ESNI does nothing against clients still trusting a name after a owner change.
-
-
That’s the main reason for using proxy certificates. Clients can trust this one instead of the CA (or any CA since most DoH clients don’t care at all).
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
-
-
Sorry, I was only referring to "DoH can easily be detected and blocked using SNI inspection."
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.