Replies: 1 comment 4 replies
-
yes
If this is a concern, you can remove VLESS and replace it with SS or VMESS. I think "SS-in-VLESS-in-WS/GRPC" sounds overly complicated but I don't know enough to tell whether it is a problem for detectability.
it is already nested TLS anyway (CDN's TLS and user's TLS), and there's not much you can do about it. vision fixes tls-in-tls by "violating" the outer TLS, the CDN does not allow for that. |
Beta Was this translation helpful? Give feedback.
-
VLESS does not provide its own encryption. CDN terminates TLS at the edge. I assume CDN provider can see which domain/IP I request through VLESS, my inbound user id and my plain text data (like HTTP traffic on port 80). Is this correct?
I can wrap VLESS+TLS in VLESS+TLS-CDN but then it's nested TLS. Should I switch to SS in VLESS?
What would be a good solution?
Beta Was this translation helpful? Give feedback.
All reactions