• Dreeg Ocedam
    link
    fedilink
    03 years ago

    It’s more complex than that. The client doesn’t authenticate itself to the server. It only shows a certificate that says “I have a right to send messages to this person”. This certificate is anonymous and was initially generated by the receiver, and then sent via the encrypted session.

    More details here.

    The server could still correlate the IP, which is much less valuable and can be hidden through VPNs or even the built-in censorship circumvention proxy.