As long as plain SNI is still a option, bad actor will try to enforce you to use that. So they can do bad things.
China seems already done that and blocked esni. And the sites eventually gave up esni because people complaining they can't connect to it.
A deprecation likes that(ex. browsers nowaday marks every http site as unsafe) ensure it is not available to everyone. So some sort of these attacks never work.
China seems already done that and blocked esni. And the sites eventually gave up esni because people complaining they can't connect to it.
A deprecation likes that(ex. browsers nowaday marks every http site as unsafe) ensure it is not available to everyone. So some sort of these attacks never work.