There is work to hopefully improve this situation for SNI at least: datatracker.ietf.org/doc/draft-ietf-tls-esni/.
Comment on Man Found Guilty of Child Porn, Because He Ran a Tor Exit Node
beatle@aussie.zone 1 year ago
The Server Name Identification (SNI) standard means that the hostname may not be encrypted if you’re using TLS. Also, whether you’re using SNI or not, the TCP and IP headers are never encrypted. (If they were, your packets would not be routable.)
sloppy_diffuser@sh.itjust.works 1 year ago
Findmysec@infosec.pub 4 months ago
As it turns out, eSNI (to take that forward, eCH) has become common in modern browsers with a supported DNS provider.