Christopher Wood <c...@heapingbits.net> writes: >For the benefit of the list, would you mind sharing these references?
I handwaved this one because I don't catalogue these things and didn't want to try and re-locate every preprint, paper, and report that's drifted across my desk in the last 6-12 months to try and find the relevant stuff... a recent one that I remember because it was published just a few days ago at Usenix Security after existing as an arXiv preprint for over a year, that's not ESNI but eDNS so almost the same thing, was "Padding Ain't Enough: Assessing the Privacy Guarantees of Encrypted DNS" which reports, and references other papers which report, an 80-90% success rate in de-anonymising encrypted DNS. The ESNI de-anonymisation is the standard web-site fingerprinting that's been used in the past to e.g. find people's incomes based on their encrypted traffic to tax filing sites. In other words it doesn't care whether ESNI is used or not since it doesn't use it. Peter. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
