Transport security/Metadata seen between Client/Mastodon Instance


#1

I’m new to mastodon and have some questions to the transport security/encryption between instances.
If I log on my account via web or app and browse profiles on other instances, is all communication secure, means end to end encrypted? Is my provider able see the instances communicating with except the one logged in? Is it possible fpr him to see the received data or the metadata (File-(name), IP from etc.)? SSL normally encrypts everything except the DNS resolving so the communication itself (file pathes, data) itself is encrypted?
Many thanks!


#2

Data between you and your home server is encrypted with TLS (https). This includes data that your server has cached from another server – other servers do not see you browsing that data at all. Communication between servers is also encrypted with TLS.


#3

Thank You! , that seems secure to me. Does this also include posted pics(not posted links with pic as target, of course), even if you click to fullsize? Or are they stored elsewhere in the web and probably linked via http(s)? I’m using whalebird as client.
Best regards!