x509 certificates are still exposed even with Encrypted Client hello?
Encrypted Client Hello hides Server Name Indication (SNI). However, looking at the TLS Handshake (https://tls12.ulfheim.net/). Wouldn’t it be possible for a middle-man to inspect the TLS Handshake and sniff ServerHello to see the x509 cert… Continue reading x509 certificates are still exposed even with Encrypted Client hello?