Yep. Especially with non-wildcard certs this leaks all service names (privacy concern).