|
|
|
|
|
|
by seodisparate
1781 days ago
|
|
|
Oh I see, thanks for the reply. I did a quick search and came upon https://blog.cloudflare.com/encrypted-client-hello/ which does shed light on ECH. Though I am not sure if only Cloudflare-backed servers provide ECH, or if it is even available. Seems relatively new. EDIT: Ah, the blog post does indicate that ECH is a work in progress. |
|
|
What that means is, one day you'll get a new browser update and from then all your TLS connections will seem to use ECH, however, since most servers don't speak ECH most of your connections will have an unencrypted Hello as usual and then the ECH payload they carry is actually random noise.
Then, gradually over time, sites do have ECH and the connections to those sites use a cover name in the outer Hello with the real name protected by ECH instead of noise in the ECH data.
I would anticipate this beginning probably in the next 12-18 months once ECH is nailed down completely and ready to be published.