On 8/9/2020 8:31 PM, Peter Gutmann wrote:
> From the writeups I've seen, what they're blocking is TLS 1.3, not ESNI.
> Since ESNI can be de-anonymised with a high degree of success (see various
> conference papers on this) and in any case doesn't matter for the most
> frequently-blocked sites like Facebook, Instagram, Twitter, etc, it may not
> even be on the GFW's radar.  My guess is that the GFW doesn't have a fast-path
> mechanism for TLS 1.3 so as 1.3 use grows it's being overwhelmed, therefore
> they're blocking it until they can upgrade their hardware.  The fact that ESNI
> is also affected is just a coincidence of the blocking of 1.3.

Please check David Fifield's message above in the thread. The research
that he quoted is quite specific, "The ESNI detector only matches the
ESNI encrypted_server_name extension 0xffce (draft-ietf-tls-esni-00
through -06), not the ECH extensions encrypted_client_hello 0xff02,
ech_nonce 0xff03, outer_extension 0xff04 (draft-ietf-tls-esni-07)."

-- Christian Huitema

_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls
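The quoted research describes a detector that keys on the extension codepoint 0xffce (ESNI, draft-00 through -06) rather than on the ECH codepoints 0xff02/0xff03/0xff04 (draft-07). The following Python is an added illustration, not code from this thread, from the cited research, or from any GFW analysis tool: it builds a constructed ClientHello, walks the extension list, and reports which of those codepoints are present. The ClientHello layout follows RFC 8446; the random, cipher suite and extension payloads are dummy values, and the function and constant names are my own.

```python
import struct

# Extension codepoints named in the quoted research.
ESNI_EXT = 0xFFCE                       # encrypted_server_name, draft-ietf-tls-esni-00..-06
ECH_EXTS = {                            # draft-ietf-tls-esni-07 codepoints
    0xFF02: "encrypted_client_hello",
    0xFF03: "ech_nonce",
    0xFF04: "outer_extension",
}
SNI_EXT = 0x0000                        # plaintext server_name (RFC 6066)


def build_client_hello(extensions):
    """Constructed ClientHello record (dummy random/cipher suite) carrying the given
    (type, data) extensions, in RFC 8446 layout. For demonstration only."""
    ext_body = b"".join(struct.pack("!HH", t, len(d)) + d for t, d in extensions)
    body = (
        b"\x03\x03"                                   # legacy_version = TLS 1.2
        + bytes(32)                                   # random (all zeros, constructed)
        + b"\x00"                                     # empty legacy_session_id
        + struct.pack("!H", 2) + b"\x13\x01"          # cipher_suites: TLS_AES_128_GCM_SHA256
        + b"\x01\x00"                                 # legacy_compression_methods: null
        + struct.pack("!H", len(ext_body)) + ext_body
    )
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body   # HandshakeType client_hello
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake


def extension_types(record):
    """Parse one TLS record holding a ClientHello and return its extension codepoints
    in wire order. Raises ValueError on anything that is not a well-formed ClientHello."""
    if len(record) < 5 or record[0] != 0x16:
        raise ValueError("not a TLS handshake record")
    rec_len = struct.unpack("!H", record[3:5])[0]
    hs = record[5:5 + rec_len]
    if len(hs) < 4 or hs[0] != 0x01:
        raise ValueError("not a ClientHello")
    hs_len = int.from_bytes(hs[1:4], "big")
    ch = hs[4:4 + hs_len]

    pos = 2 + 32                                      # skip legacy_version and random
    sid_len = ch[pos]; pos += 1 + sid_len             # legacy_session_id
    cs_len = struct.unpack("!H", ch[pos:pos + 2])[0]; pos += 2 + cs_len   # cipher_suites
    cm_len = ch[pos]; pos += 1 + cm_len               # legacy_compression_methods
    if pos + 2 > len(ch):
        return []                                     # no extensions block at all
    ext_len = struct.unpack("!H", ch[pos:pos + 2])[0]; pos += 2
    end = pos + ext_len
    if end > len(ch):
        raise ValueError("extensions length overruns ClientHello")

    types = []
    while pos + 4 <= end:
        ext_type, ext_len = struct.unpack("!HH", ch[pos:pos + 4]); pos += 4
        if pos + ext_len > end:
            raise ValueError("extension length overruns extensions block")
        types.append(ext_type); pos += ext_len
    return types


def classify(record):
    """Report which of the censorship-relevant codepoints a ClientHello carries."""
    types = extension_types(record)
    return {
        "has_esni_draft06": ESNI_EXT in types,
        "ech_draft07": sorted(ECH_EXTS[t] for t in types if t in ECH_EXTS),
        "has_plaintext_sni": SNI_EXT in types,
    }


if __name__ == "__main__":
    sni = (SNI_EXT, b"\x00\x0e\x00\x00\x0bexample.com")   # constructed server_name list
    versions = (0x002B, b"\x02\x03\x04")                   # supported_versions: TLS 1.3
    print(classify(build_client_hello([sni, versions, (ESNI_EXT, bytes(8))])))
    print(classify(build_client_hello([versions, (0xFF02, bytes(16)), (0xFF04, b"\x00")])))
```

A matcher that, like the one described, looks only for 0xffce would flag the first ClientHello and pass the second, which is the distinction the quoted text draws between the ESNI drafts and draft-07 ECH.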
