How does TLS 1.3 encrypt the certificate in Server Hello to prevent eavesdropping?
I know that ESNI and certificate encryption in Server Hello are aimed at preventing eavesdropping on the hostname, and ESNI hasn't been put into practice for common web servers yet.
Even so, I am still curious about:
How does TLS 1.3 encrypt the certificate in Server Hello to prevent eavesdropping? And how does the client decrypt it and get the certificate?
I found a good post, A walkthrough of a TLS 1.3 handshake, but have some difficulty in reading it.
Please take a look here: https://tls13.ulfheim.net/
Basically, the server chooses the cipher suite in the Server Hello message.
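
The mechanism the question asks about, as an added example (not code from the linked walkthrough or from either poster): after Server Hello, both sides run the RFC 8446 key schedule over the (EC)DHE shared secret and the hash of ClientHello and ServerHello, and the server's Certificate travels in records protected with the resulting key and IV. The shared secret and transcript bytes below are constructed placeholders, and SHA-256 with a 16-byte key assumes the TLS_AES_128_GCM_SHA256 suite.

```python
import hashlib
import hmac

HASH = hashlib.sha256            # hash of TLS_AES_128_GCM_SHA256 (assumed suite)
HLEN = HASH().digest_size

def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    return hmac.new(salt, ikm, HASH).digest()

def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    out, block, counter = b"", b"", 1
    while len(out) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        out += block
        counter += 1
    return out[:length]

def expand_label(secret: bytes, label: str, context: bytes, length: int) -> bytes:
    # HkdfLabel: uint16 length, length-prefixed "tls13 " + label, length-prefixed context
    full = b"tls13 " + label.encode()
    info = (length.to_bytes(2, "big") + bytes([len(full)]) + full
            + bytes([len(context)]) + context)
    return hkdf_expand(secret, info, length)

def early_secret() -> bytes:
    # No PSK in use: salt and input keying material are all-zero strings
    return hkdf_extract(bytes(HLEN), bytes(HLEN))

def server_handshake_keys(ecdhe_shared: bytes, transcript: bytes):
    """Key and IV for EncryptedExtensions, Certificate, CertificateVerify, Finished."""
    derived = expand_label(early_secret(), "derived", HASH(b"").digest(), HLEN)
    handshake_secret = hkdf_extract(derived, ecdhe_shared)
    th = HASH(transcript).digest()          # Hash(ClientHello || ServerHello)
    s_hs = expand_label(handshake_secret, "s hs traffic", th, HLEN)
    return expand_label(s_hs, "key", b"", 16), expand_label(s_hs, "iv", b"", 12)

def record_nonce(iv: bytes, seq: int) -> bytes:
    # Per-record AEAD nonce: sequence number padded to IV length, XORed with the IV
    return bytes(a ^ b for a, b in zip(iv, seq.to_bytes(len(iv), "big")))

# Constructed sample values, not taken from a real handshake
SHARED = bytes(range(32))
TRANSCRIPT = b"ClientHello-bytes" + b"ServerHello-bytes"

if __name__ == "__main__":
    key, iv = server_handshake_keys(SHARED, TRANSCRIPT)
    print(key.hex(), iv.hex(), record_nonce(iv, 0).hex())
```

The client computes the same function from its own copy of the shared secret and transcript, which is how it decrypts the Certificate message; a passive observer sees the transcript but not the (EC)DHE shared secret.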