Toward an open tunneling protocol

I just learned what an SNI proxy is. This thought is surprising: doesn’t using a VPS imply the same amount of trust in the provider as using an SNI proxy? Theoretically, DigitalOcean could simply reassign my IP address and then issue a cert for it. They could also get hacked, and the attacker could do that. So maybe it’s no safer than using an SNI proxy. What do you think?

This doesn’t seem like a problem. People who want to self-host things need to be able to install programs/packages anyway. It seems unlikely that you would want to self-host a service on a device for which you don’t have root access (or, in the case of a phone, the ability to install apps).

This is a great point. You might want to set up a service at work, or behind some residential NAT, and those networks could kill your UDP traffic. So it makes sense to use a protocol that supports TCP. Since the TCP protocol would be a fallback, it would make sense to have the client connect over port 80 or 443 so that it’s sure not to be blocked by a firewall. WebSockets probably make sense for that use case. I don’t know the protocol well enough to have a strong opinion on them. Would it be anything other than a re-invented VPN?