ECH Support news?
Is there some information about ECH support? I could've sworn I saw an
ech entry in my domain's TYPE65 record, but not any more.
For context, with crypto.cloudflare.com , I see the pubkey:
But not for other domains (including my own on Cloudflare).3 Replies
It's just really slowly rolling out, it's by plan level. Most of my free domains have it, but none of my Pro/Biz/Ent
There's probably no rush because I don't think a single browser has it by default still, all behind flags or not implemented
I think the latest blog was https://blog.cloudflare.com/handshake-encryption-endgame-an-ech-update/
The Cloudflare Blog
Handshake Encryption: Endgame (an ECH update)
In this post, we’ll dig into ECH details and describe what this protocol does to move the needle to help build a better Internet.
Yeah that was the one I looked at as well, but already 1.5 years old 😄
I get that ECH isnt even official yet iirc (still draft)
Just wondering since ESNI for some time provided mitigations against SNI (even if behind extra flags), just unfortunate to have lost that