The Backend Engineering Show with Hussein Nasser artwork

Encrypted Client Hello - The Pros & Cons

The Backend Engineering Show with Hussein Nasser

English - September 29, 2023 20:47 - 33 minutes - 30.5 MB - ★★★★★ - 5 ratings
Technology Homepage Download Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Previous Episode: The Journey of a Request to the Backend
Next Episode: Consider this before migrating the Backend to HTTP/3



The Encrypted Client Hello or ECH is a new RFC that encrypts the TLS client hello to hide sensitive information like the SNI. In this video I go through pros and cons of this new rfc.

0:00 Intro
2:00 SNI
4:00 Client Hello
8:40 Encrypted Client Hello
11:30 Inner Client Hello Encryption
18:00 Client-Facing Outer SNI
21:20 Decrypting Inner Client Hello
23:30 Disadvantages
26:00 Censorship vs Privacy ECH

https://blog.cloudflare.com/announcing-encrypted-client-hello/
https://chromestatus.com/feature/6196703843581952