• dracs@programming.dev
    link
    fedilink
    English
    arrow-up
    25
    ·
    10 months ago

    That’s not entirely true. It’s only very recently that browsers have started using a new system called Encrypted Client Hello which hides the domain of the request. Prior to this all requests needed too have the Host field unencrypted so the receiving server knows which certified to respond with. I imagine there’s still quite a few servers which don’t support the new setup still.

      • Tja@programming.dev
        link
        fedilink
        arrow-up
        3
        ·
        10 months ago

        I don’t know about that. Technically it wouldn’t be necessary but I can see providers limiting you to a single IP instead of a /64 and needing to do it anyway, because the tech exists anyway. Or for privacy reasons. There is IPv6 NAT, after all…

        • frezik@midwest.social
          link
          fedilink
          arrow-up
          1
          ·
          10 months ago

          Most ISPs offer IPv6 right now, and they tend to hand out at least a /64. Often as much as a /54.

          RIPE strongly discourages ISPs from handing out prefixes longer than /56: https://www.ripe.net/publications/docs/ripe-690/

          I don’t see carrier grade NAT ever being used for IPv6. The extra equipment for that makes the network more expensive, less reliable, and introduces extra latency.

          One thing ISPs are doing is still handing out dynamically assigned prefixes rather than static. Self hosting is still going to be a pain.