Just poking fun, don't worry about it, there's nothing reall...

ChipTuner

npub1qdjn8j4gwgmkj3k5un775nq6q3q7mguv5tvajstmkdsqdja2havq03fqm7

hex

d0b3779a8d43310ce4b8dc10a9baaff14276a1ef17f463fdd37be6908cebd977

nevent

nevent1qqsdpvmhn2x5xvgvujudcy9fh2hlzsnk58h30arrlhfhhe5s3n4ajacprpmhxue69uhhyetvv9ujuem4d36kwatvw5hx6mm9qgsqxefne258ydmfgm2wfl02fsdqgs0d5wx29kweg9amxcqxew4t7kqdclrx9

Kind-1 (TextNote)

2026-03-17T20:53:42Z

↳ Reply to Laeserin (npub1m4ny6hjqzepn4rxknuq94c2gpqzr29ufkkw7ttcxyak7v43n6vvsajc2jl)

If you give me a clearer description of what I need to fix, I can see if I can fix it.

Just poking fun, don't worry about it, there's nothing really to do.

SNI (server name indication) basically just sends a little plain text domain name as part of the tls handshake and kind of a failure by IEEE in my opinion. It rides an ambiguous line of, it's basically never encrypted (my experiments revealed this), can be mutated by a MITM if server's trust it to select virtual host which was sort of my plan for an accelerator idea.

So you're not really supposed to use it server side at L4, because it could be encrypted, and if it's not then it could be mutated, or the client may choose not to send it, because it doesn't need to. I think it's required with H2 and H3 but I can't remember. Encryption was only added as an option with tls v1.3 which literally like last year I could say I see more than 75% of the time. It took fucking ages for clients to full switch to tls 1.3. Probably because not everyone sees it as a major improvement dunno.

https://en.wikipedia.org/wiki/Server_Name_Indication

Raw JSON

{
  "kind": 1,
  "id": "d0b3779a8d43310ce4b8dc10a9baaff14276a1ef17f463fdd37be6908cebd977",
  "pubkey": "036533caa872376946d4e4fdea4c1a0441eda38ca2d9d9417bb36006cbaabf58",
  "created_at": 1773780822,
  "tags": [
    [
      "e",
      "51b4fbe8ee0b8fdb8f81ee335b11f1294358f9bce8c5c1dc25196ef449e0373b",
      "wss://relay.ditto.pub/",
      "root",
      "036533caa872376946d4e4fdea4c1a0441eda38ca2d9d9417bb36006cbaabf58"
    ],
    [
      "e",
      "f3b8b7adf950e2212ab6047364862fab9551d7990b701b1d7edf53f109dfa310",
      "wss://relay.primal.net/",
      "reply",
      "dd664d5e4016433a8cd69f005ae1480804351789b59de5af06276de65633d319"
    ],
    [
      "p",
      "036533caa872376946d4e4fdea4c1a0441eda38ca2d9d9417bb36006cbaabf58"
    ],
    [
      "p",
      "5e336907a3dda5cd58f11d162d8a4c9388f9cfb2f8dc4b469c8151e379c63bc9"
    ],
    [
      "p",
      "dd664d5e4016433a8cd69f005ae1480804351789b59de5af06276de65633d319"
    ]
  ],
  "content": "Just poking fun, don't worry about it, there's nothing really to do. \n\nSNI (server name indication) basically just sends a little plain text domain name as part of the tls handshake and kind of a failure by IEEE in my opinion. It rides an ambiguous line of, it's basically never encrypted (my experiments revealed this), can be mutated by a MITM if server's trust it to select virtual host which was sort of my plan for an accelerator idea. \n\nSo you're not really supposed to use it server side at L4, because it could be encrypted, and if it's not then it could be mutated, or the client may choose not to send it, because it doesn't need to. I think it's required with H2 and H3 but I can't remember. Encryption was only added as an option with tls v1.3 which literally like last year I could say I see more than 75% of the time. It took fucking ages for clients to full switch to tls 1.3. Probably because not everyone sees it as a major improvement dunno. \n\nhttps://en.wikipedia.org/wiki/Server_Name_Indication",
  "sig": "5e100f573d033eb0819ce308ab76e922c9d65bdc66a9daeef38f59e6b3af99a0043cb886c8b93b13b1efed603ed7b82373f9381bf969d238a3a0c5ea083bc275"
}