Texonom
Texonom/
Application
Application/Network Science/ICT/Computer Network/Network Agreement/Network Protocol/TLS/SNI/
ESNI
Search

ESNI

Creator
Creator
Seonglae ChoSeonglae Cho
Created
Created
2021 May 26 3:18
Editor
Editor
Seonglae ChoSeonglae Cho
Edited
Edited
2021 Jun 1 2:3
Refs
Refs

Encrypted Server Name Indication

TLS 1.3을 전제로 한 확장 규격
클라이언트 브라우저에 서버의 공개키가 전달되는 시점을 DNS 통신 단계로 앞당겨서, 서버와 연결하는 시점에 해당 공개키로 도메인이 암호화될 수 있도록 하는 것
중국에서 TLS 1.3패킷을 검사하여 ESNI가 사용 중이면 연결을 끊는 사례
 
 
 
cloudflare/tls-tris
crypto/tls, now with 100% more 1.3. THE API IS NOT STABLE AND DOCUMENTATION IS NOT GUARANTEED. Since crypto/tls is very deeply (and not that elegantly) coupled with the Go stdlib, tls-tris shouldn't be used as an external package. It is also impossible to vendor it as crypto/tls because stdlib packages would import the standard one and mismatch.
cloudflare/tls-tris
https://github.com/cloudflare/tls-tris
cloudflare/tls-tris
 
 

Recommendations

Texonom
Texonom/
Application
Application/Network Science/ICT/Computer Network/Network Agreement/Network Protocol/TLS/SNI/
ESNI