nostr:npub19fv278dsygjuvecls7dpe3vwgtx6dudsnfhpszvfstrl7zn7yrdsnkh9vl I think I was roughly right: "As part of this handshake, the browser will indicate the name of the server (website) that it intends to visit: the Server Name Indication.

Due to the fact that the session is not encrypted yet, and the server doesn't know which certificate to use, the browser must transmit this information in plain text. "