Say (an encrypted) hello to a more private internet | The Mozilla Blog
Say (an encrypted) hello to a more private internet | The Mozilla Blog
blog.mozilla.org
Say (an encrypted) hello to a more private internet | The Mozilla Blog
10 comments
10 comments
Interesting I didn't even know SNI was a thing. But ISPs etc could still reverse lookup the IP I'm connecting to, right? Only in the case where IPs don't 1:1 map to domain names does this actually increase privacy, right?
For the most part yeah, but with limited IPv4, there can be multiple servers that share the same IP separated under a NAT. Definitely don't assume you're anonymous though. If it was IPv6 then it'd be 1:1 map to a specific domain.
I'm not sure this is (always) true.
I might rent a VPN, and that VPN may have an IPv6. But I could host a dozen services on it, behind a reverse proxy, and there would still only be one IP.
With services like cloudflares WAF for things like DDOS protection becoming more prevalent, the connection from the client would first pass through a shared IP before being proxied to the actual server.
So; yes, but IPs:domains quite often don't map 1:1, increasingly so.