TLS Encrypted Client Hello (ECH)

This feature is only shown in the feature list to users with edit access.

The TLS Encrypted ClientHello (ECH) extension enables clients to encrypt ClientHello messages, which are normally sent in cleartext, under a server’s public key. This avoids leaking sensitive fields like the server name to the network. ECH is currently specified in draft-ietf-tls-esni-08. Note that earlier iterations of this specification were called Encrypted Server Name Indication, or ESNI.

Specification

Editor's draft

Status in Chromium

Internals>Network>SSL


No active development (tracking bug)

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

  • No signal
  • No signal
  • No signal
  • No signals

Owners

Intent to Prototype url

Intent to Prototype thread

Search tags

ech, esni,

Last updated on 2020-10-20