HACKER Q&A
📣 brownianemotion

Is TLS 1.2 broken (enough)?


While reading about the Great Chinese Firewall blocking all TLS 1.3 traffic, I was wondering why they allow TLS 1.2 traffic. My first guess would be that the web would be unusable without it ... but on the other hand, I can't imagine they are allowing vast amounts of traffic that can't be snooped on. Is TLS 1.2 broken enough that they are able to gather all the (meta)data they need?


  👤 yorwba Accepted Answer ✓
According to https://www.zdnet.com/article/china-is-now-blocking-all-encr... only the combination of TLS 1.3 with ESNI (encrypted server name identification) is blocked completely. If you use TLS 1.3 with unencrypted server names, the Great Firewall can decide whether to allow a connection or not based on the website you want to visit, but with ESNI, fine-grained blocking becomes impossible.

So yes, TLS 1.2 and TLS 1.3 without ESNI are revealing metadata about the sites you visit, even though the connection itself is encrypted.