You must log in or register to comment.
Client Hello is one of the ways firewalls figure out what site you’re going to in order to block it from memory (its possible I’m getting this confused for a different request). Curious to see the impact of this.
Some Anti-DPI measures splitting Client Hello to avoid DPI and it works. I guess it would be more easier for average users to avoid DPI with ECH.
I don’t quite get what the point is. No matter how good you encrypt the server name, the destination IP address will always be visible. Are there that many webservers sharing the same IP, that this makes a noticeable impact? Am I missing something?
It certainly isn’t a silver bullet l, but considering the amount of data that gets served through CDNs like Cloudflare, it should do something.
