Ask HN: Is TLS 1.2 broken (enough)?
While reading about the Great Chinese Firewall blocking all TLS 1.3 traffic I was wondering why they allow TLS 1.2 traffic? My first guess would be that the web would be unusable without it ... but on the other hand, I can't imagine they are allowing vast amounts of traffic that can't be snooped on. Is TLS 1.2 broken enough, so that they are able to gather all (meta)data they need?
2 comments
[ 3.1 ms ] story [ 16.4 ms ] threadSo yes, TLS 1.2 and TLS 1.3 without ESNI are revealing metadata about the sites you visit, even though the connection itself is encrypted.