@FlickeringScreens to PrivacyEnglish • 1 year agoIs it true that only the website name is visible to ISPs?message-square5arrow-up114arrow-down10file-text
arrow-up114arrow-down1message-squareIs it true that only the website name is visible to ISPs?@FlickeringScreens to PrivacyEnglish • 1 year agomessage-square5file-text
minus-squarecumlinkfedilinkEnglish9•1 year agoYes, https hides most things but leaks the sni (server name indicator. We came up with a solution called esni (encrypted sni), but that also had issues. It didn’t have much adoption before esni got replaced with ech (encrypted hello). Cloudflare actually has a neat website to check if your browser is supporting ech. You can learn more about it here, it’s pretty cool! https://blog.cloudflare.com/handshake-encryption-endgame-an-ech-update/
minus-square@iopqMlinkEnglish1•1 year agoYeah, but DoH is blocked in China and Firefox doesn’t enable them separately It seems like I should be able to use ECH and dnscrypt together, for example https://bugzilla.mozilla.org/show_bug.cgi?id=1500289
Yes, https hides most things but leaks the sni (server name indicator. We came up with a solution called esni (encrypted sni), but that also had issues. It didn’t have much adoption before esni got replaced with ech (encrypted hello). Cloudflare actually has a neat website to check if your browser is supporting ech.
You can learn more about it here, it’s pretty cool! https://blog.cloudflare.com/handshake-encryption-endgame-an-ech-update/
Yeah, but DoH is blocked in China and Firefox doesn’t enable them separately
It seems like I should be able to use ECH and dnscrypt together, for example
https://bugzilla.mozilla.org/show_bug.cgi?id=1500289