WOW! China Blocks TLS 1.3 with ESNI - Let us discuss

The Backend Engineering Show with Hussein Nasser

Episode | Podcast

Date: Sun, 09 Aug 2020 15:42:17 GMT

<p>SNI or server name indication is a TLS Extention that indicate which server/host/domain the client want to communicate with. This is to allow for hosting of multiple websites on the same public static ip address. For the longest time all ISPs used SNI to block hosts and websites, China is now blocking the encrypted version SNI.</p> <p>0:00 Intro</p> <p>2:00 DNS and DOH</p> <p>3:30 SNI</p> <p>6:30 ESNI</p> <p>11:00 The Block</p> <p>The ESNI and DOH stops this but China want</p> <p><a href="https://www.zdnet.com/article/china-is-now-blocking-all-encrypted-https-traffic-using-tls-1-3-and-esni/">https://www.zdnet.com/article/china-is-now-blocking-all-encrypted-https-traffic-using-tls-1-3-and-esni/</a></p> <p><a href="https://tools.ietf.org/html/draft-ietf-tls-esni-07#section-3.2">https://tools.ietf.org/html/draft-ietf-tls-esni-07#section-3.2</a></p>