miki123211 11 hours ago

Changes like these lend even more credibility to the approach of putting everything on port 443 over TLS, and distinguishing protocols based on hostname / HTTP path.

tosti 10 hours ago | parent | next [-]

WireGuard over 443/udp is also a neat trick. No need to make it look like QUIC, although I wouldn't be surprised if someone takes the effort to make it that stealthy.

trashb 7 hours ago | parent | prev [-]

If everything was on port 443, why would we even need ports?

The ports are there for a reason; it is idiotic to serve everything over HTTP, as you would need a mechanism to distinguish the different flows of traffic anyhow.

allknowingfrog 6 hours ago | parent [-]

Preventing the traffic from being distinguished is the whole premise. Port 23 gets blocked because everyone uses it for telnet, and everyone expects bad actors to know that. If everything moves to 433, we'll end up with a variety of routing systems and no focal point for attack. The only alternative is to disallow port filtering in core internet infrastructure.

We can either have a standard and accept that bad actors will use it against us, or we can accept the chaos that results from abandoning it.