Skip to content
Better HN
Top
Best
Ask
Show
New
Jobs
Search
⌘K
0 points
discreditable
9y ago
0 comments
Save
Share
Basic filtering can be done via passively inspecting SNI headers and terminating connections to verboten hosts. However, that's not enough for some orgs, and some software works around it:
https://www.bamsoftware.com/papers/fronting/
0 comments
1 comments · 1 top-level
top
newest
oldest
ec109685
9y ago
Even simple tls handshake filtering is broken with BlueCoat's implementation.
j
/
k
navigate · click thread line to collapse
