TLS 1.3 and ESNI appear to be working

As China has decided to block all HTTPS traffic using TLS 1.3 and ESNI for encryption, I think it is safe to assume that that encryption is pretty good and the Chinese government doesn’t have an easy and fast way to decrypt the traffic.

TLS 1.3 is the latest generation of cryptographic protocols that started of with SSL. ESNI is an experimental feature that encrypt the server name that the user is connecting to, and with ESNI someone eavesdropping on your connection can only know which physical server you connect to, not which website, provided the server hosts more than one website.

Not all browsers support ESNI yet.

 

 

 

 

 

 

 

 

 

 

This entry was posted in Security and tagged , , , , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.