this post was submitted on 30 Jan 2024
1108 points (97.0% liked)

Memes

45746 readers
1788 users here now

Rules:

  1. Be civil and nice.
  2. Try not to excessively repost, as a rule of thumb, wait at least 2 months to do it if you have to.

founded 5 years ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] sznowicki@lemmy.world 67 points 10 months ago (12 children)

ISP can’t see pages. They can see domains or IPS but that’s it.

[–] davel@lemmy.ml 36 points 10 months ago (4 children)

They can’t even reliably see domains when you use HTTPS, because some IP addresses serve many domains.

[–] dracs@programming.dev 28 points 10 months ago (1 children)

That's not entirely true. It's only very recently that browsers have started using a new system called Encrypted Client Hello which hides the domain of the request. Prior to this all requests needed too have the Host field unencrypted so the receiving server knows which certified to respond with. I imagine there's still quite a few servers which don't support the new setup still.

[–] frezik@midwest.social 6 points 10 months ago (2 children)

And we wouldn't need any of that if we implemented IPv6.

[–] Tja@programming.dev 3 points 10 months ago (1 children)

I don't know about that. Technically it wouldn't be necessary but I can see providers limiting you to a single IP instead of a /64 and needing to do it anyway, because the tech exists anyway. Or for privacy reasons. There is IPv6 NAT, after all...

[–] frezik@midwest.social 1 points 10 months ago

Most ISPs offer IPv6 right now, and they tend to hand out at least a /64. Often as much as a /54.

RIPE strongly discourages ISPs from handing out prefixes longer than /56: https://www.ripe.net/publications/docs/ripe-690/

I don't see carrier grade NAT ever being used for IPv6. The extra equipment for that makes the network more expensive, less reliable, and introduces extra latency.

One thing ISPs are doing is still handing out dynamically assigned prefixes rather than static. Self hosting is still going to be a pain.

[–] KairuByte@lemmy.dbzer0.com 1 points 10 months ago

In an ideal world, sure.

[–] lone_faerie@lemmy.blahaj.zone 21 points 10 months ago

Most ISPs are also the default DNS resolver for a lot of people, so they see the domain you're requesting an IP for.

[–] kn33@lemmy.world 18 points 10 months ago

They can still (mostly) sniff SNI for now which gives them a domain even when the IP isn't unique.

load more comments (7 replies)