Is it because of the "Host" HTTP header? I always thought it was optional, since the IP address and port were handled by the network and transport layers respectively. Turns out it's required to resolve between different virtual hosts in the same server. Today I Remembered (TIR?) that virtual hosts are a thing...
Is there anything else that might indicate the domain name in the handshake connection?
I don't get it... How does this protect anything? If we want our packets to reach a web server, we need to write the server's IP address on them. If a snooper has the IP, can't they just lookup the domain name from a DNS server? Or is that not a service DNS provides?
If the IP address is encrypted, how will the routers know where to send the packets? Only solution I can think of would be onion routing... Am I wrong??
That's right, baby! GAME AH DAH YEEAAAR!
If you're having fun after 1600 hours, then you're not playing it wrong
This makes me wonder... If there really is someone automating these reports, how did they not forsee the potencial for reporting completely harmless commits? It's like this was caused by someone who just recently got into the world of software and scripting and thought they were good enough to help with the security for decades-old software.
Was it intentional and - if so - what would they benefit from this??
" - is not what the cat said
CSS is decorating a christmas tree off to the side. Some of the decorations are hovering in the air. We don't correct CSS, as it seems to be having fun regardless.