On Thu, 04 Jul 2013 20:55:53 +0000, anonymous coward wrote: > When you connect to a SSL secured web site, is the URL itself encrypted > or can an attacker see the full URL?
No, the full URL is only in the encrypted stream. But at least the DNS query beforehand will give away the host name, as will the SNI extension or shttp. Andreas -- "Totally trivial. Famous last words." From: Linus Torvalds <torvalds@*.org> Date: Fri, 22 Jan 2010 07:29:21 -0800 _______________________________________________ tor-talk mailing list [email protected] https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-talk
