Encrypted Client Hello: How it was blocked in Russia and next steps
cdt.orgCan't you just drop the ECH signals, no matter what site it is? Don't you then mostly disable sites you don't want people to see anyway? Maybe like, you can't download Chrome anymore, but I bet there would be a Russian fork suuuuper fast.
Yes, Russia can shut off its Internet and computers. Know that super useful AI model out of Russia? Its name slips my tongue. Imagine how much better it will get.
>I bet there would be a Russian fork suuuuper fast
There is Yandex Browser [0] which is based on Chromium and exists since 2010. Its share in Russia is ~33% while Chrome has 42% of the market [1].
[0] https://browser.yandex.com/
[1] https://gs.statcounter.com/browser-market-share/all/russian-...
i use an extension called OhMyECH to show whether a website used ECH, and it is currently very rare that i encounter one that does.
at least none of the major websites on the internet do.
adding, one can test it here [1] though I think it also depends on the client using DoH [2] For people already using Cloudflare or Google DoH DNS it should just work.
To get ECH to work for me I had to enable DoH in my local Unbound DNS daemon and point Firefox to it rather than using unencrypted DNS on my LAN. I had to force a refresh (shift-F5 on tls-ech.dev). I only use my own recursive DNS so I get query logs and can block some ad/malware sites.
[1] - https://crypto.cloudflare.com/cdn-cgi/trace
[2] - https://tls-ech.dev/