Comment by tgma
This is referring to something else: to detect whether the backend server host itself is inside or outside Iran. TLS doesn't prevent the backend network from reading the URL of course.
This is referring to something else: to detect whether the backend server host itself is inside or outside Iran. TLS doesn't prevent the backend network from reading the URL of course.
Again, you are assuming a normal situation. The point is the country itself is operating (or has a heavy grip and perhaps even subsidizes) the backend CDN and enforcing that stuff in a rudimentary way.
"TLS between backend connections" usually involves termination and decryption on the frontend webserver and re-encryption of the upstream traffic, whatever it may be.
Well it would if things are setup according to best practises (i.e. use TLS between the backend connections). Presumably most people dont do that.