Encrypted Server Name (ESNI)
This is still a couple of years away from being implemented, but the idea here is to keep the server name from leaking while establishing the TLS connection. While I am a fan of this and other privacy improvements (like DoH), I am wondering if this will break Firewalla's (Gold supporter) ability to monitor our networks. Paul Vixie (DNS pioneer) claims this will break NGFWs' ability to transparently intercept outbound traffic. Just wondering what the engineers' thoughts are on this and trying to at least get it on the radar. Thanks!
-
I came here to see if there was any information on this, and this is the only post I see. I'm glad that Firewalla enables DNS over HTTPS, but I was hoping for a way to get ESNI support w/o having to enable it at the browser (aka Firefox) level. If not a feature, then at least some information in the docs.