Encrypted Client Hello (ECH) Is Done, but Can We Make It Work?
a day ago
- #Internet Censorship
- #TLS Privacy
- #Encrypted Client Hello
- Encrypted Client Hello (ECH) improves TLS privacy by encrypting the ClientHello, so the destination domain (the SNI) is hidden from on-path observers.
- ECH is now standardized in RFC 9849 and RFC 9848, with good client-side support in major browsers, but server-side adoption is limited and comes primarily from Cloudflare.
- Server-side deployment is slow; OpenSSL 4.0 and Nginx 1.30.0 support ECH, but widespread adoption may take years.
- ECH faces opposition from governments (e.g., Russia, Spain, Italy) for censorship and enterprises for traffic monitoring, leading to efforts to block it.
- A remaining vulnerability is the static outer domain (e.g., cloudflare-ech.com), which can be filtered; solutions are being developed to randomize this.
- ECH bootstrapping via DNS is fragile in censored environments; secure DNS methods like DoH may be blocked, hindering ECH deployment.
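The "static outer domain" point above comes down to one field: the ECHConfig that a client fetches from the site's HTTPS DNS record carries a `public_name`, and that name is what the client sends as the cleartext outer SNI. The parser below (an added example, not code from the original post) builds a constructed ECHConfigList with a dummy X25519 key and pulls out the fields a network filter can actually see, which is exactly why a fixed `public_name` is filterable.

```python
import base64
import struct

# Constructed sample: an ECHConfigList as it would appear, base64-encoded, in the
# "ech=" SvcParam of an HTTPS DNS record. The 32-byte X25519 public key is dummy.
def build_sample_echconfig_list(public_name=b"cloudflare-ech.com", config_id=7):
    key_config = (
        bytes([config_id])
        + struct.pack("!H", 0x0020)                       # kem_id: DHKEM(X25519, HKDF-SHA256)
        + struct.pack("!H", 32) + bytes(32)               # public_key (placeholder bytes)
        + struct.pack("!H", 4) + struct.pack("!HH", 1, 1) # cipher_suites: HKDF-SHA256 / AES-128-GCM
    )
    contents = (key_config
                + bytes([64])                             # maximum_name_length (padding hint)
                + bytes([len(public_name)]) + public_name # public_name: the cleartext outer SNI
                + struct.pack("!H", 0))                   # extensions: none
    config = struct.pack("!HH", 0xFE0D, len(contents)) + contents  # version 0xfe0d
    return base64.b64encode(struct.pack("!H", len(config)) + config).decode()

def parse_echconfig_list(b64):
    """Return, per ECHConfig, the fields visible to anyone reading the DNS record
    or the outer ClientHello: config_id, kem_id, maximum_name_length, public_name."""
    data = base64.b64decode(b64)
    (total,) = struct.unpack("!H", data[:2])
    body, out, pos = data[2:2 + total], [], 0
    while pos < len(body):
        version, length = struct.unpack("!HH", body[pos:pos + 4])
        cfg = body[pos + 4:pos + 4 + length]
        pos += 4 + length
        if version != 0xFE0D:        # unknown version: skip it, as clients do
            continue
        config_id = cfg[0]
        kem_id, pk_len = struct.unpack("!HH", cfg[1:5])
        p = 5 + pk_len               # skip the public key
        (cs_len,) = struct.unpack("!H", cfg[p:p + 2])
        p += 2 + cs_len              # skip the cipher suite list
        max_name_len, name_len = cfg[p], cfg[p + 1]
        p += 2
        public_name = cfg[p:p + name_len].decode("ascii")
        out.append({"config_id": config_id, "kem_id": kem_id,
                    "maximum_name_length": max_name_len, "public_name": public_name})
    return out

if __name__ == "__main__":
    for c in parse_echconfig_list(build_sample_echconfig_list()):
        print(f"outer SNI a filter sees: {c['public_name']} (config_id={c['config_id']})")
```

Randomizing the outer domain, as the post describes, means the `public_name` seen here varies per deployment instead of being one well-known value.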