Implement Encrypted Client Hello (ECH) #9076
fabriziobagala
started this conversation in
Feature requests & Ideas
Replies: 2 comments
-
|
Developers are strongly advised to pay attention to this issue. Even TLS1.3 will expose the server website domain name to be accessed when sending the client hello handshake data packet. This is a serious privacy threat in countries with strict network censorship and can be easily blocked by deep packet inspection systems. |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
We are keeping an eye on this, but AFAICT we're still waiting on openssl. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
I have checked if others have suggested this already
Feature description
ECH is an extension of the TLS protocol. It aims to secure the TLS handshake portion of the protocol by encrypting the name of the websites you visit, which is in plain-text. For more details, click TLS Encrypted Client Hello.
Alternative solutions
Currently the only solution is to disable the VPN and use a provider such as Cloudflare to get this protection.
Type of feature
Operating System
Beta Was this translation helpful? Give feedback.
All reactions