I’m now using your new feature, SSH over Argo Tunnel, everyday. This involves using Cloudflared as a proxy command of SSH.
According to my packet capture, it only uses TLS1.2 when communicating with your servers. Which effectively leaks the server DNS name if someone else is capturing network traffic.
So does Cloudflared support TLS1.3 and encrypted SNI? If not, could you please implement it to make it more likely to replace VPN service in high security level applications?