Seonglae ChoEncrypted Clieht Hello
TLS Encrypted ClientHello (ECH) extension enables clients to encrypt ClientHello messages which are normally sent in cleartext, under a server's public key
This avoids leaking sensitive fields like the server name to the network
Good-bye ESNI, hello ECH!
Most communication on the modern Internet is encrypted to ensure that its content is intelligible only to the endpoints, i.e., client and server. Encryption, however, requires a key and so the endpoints must agree on an encryption key without revealing the key to would-be attackers.
https://blog.cloudflare.com/encrypted-client-hello/
Chrome Platform Status
The TLS Encrypted ClientHello (ECH) extension enables clients to encrypt ClientHello messages, which are normally sent in cleartext, under a server's public key. This avoids leaking sensitive fields like the server name to the network. ECH is currently specified in draft-ietf-tls-esni-08. Note that earlier iterations of this specification were called Encrypted Server Name Indication, or ESNI.
https://www.chromestatus.com/feature/6196703843581952
draft-ietf-tls-esni-10 - TLS Encrypted Client Hello
tls E. Rescorla Internet-Draft RTFM, Inc. Intended status: Standards Track K. Oku Expires: 9 September 2021 Fastly N. Sullivan C.A. Wood Cloudflare 8 March 2021 TLS Encrypted Client Hello draft-ietf-tls-esni-10 Abstract This document describes a mechanism in Transport Layer Security (TLS) for encrypting a ClientHello message under a server public key.
https://datatracker.ietf.org/doc/draft-ietf-tls-esni/