TLS Encrypted Client Hello (ECH)

This feature is only shown in the feature list to users with edit access.

The TLS Encrypted ClientHello (ECH) extension enables clients to encrypt ClientHello messages, which are normally sent in cleartext, under a server’s public key. This avoids leaking sensitive fields like the server name to the network. ECH is currently specified in draft-ietf-tls-esni-08. Note that earlier iterations of this specification were called Encrypted Server Name Indication, or ESNI.

Specification

Editor's draft

Status in Chromium

Blink components: Internals>Network>SSL

No active development (tracking bug)

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

Firefox: No signal
Edge: No signal
Safari: No signal
Web Developers: No signals

Owners

dmcardle@chromium.org
davidben@chromium.org
kenjibaheux@chromium.org

Intent to Prototype url

Intent to Prototype thread

Search tags

ech, esni,

Last updated on 2020-10-20