Expert On China Is Now Blocking All Encrypted HTTPS Traffic That Uses TLS 1.3 And ESNI

It was reported today that China is now blocking all encrypted HTTPS traffic that uses TLS 1.3 and ESNI. The block was put in place at the end of July and is enforced via China’s Great Firewall.


EXPERTS COMMENTS
John ‘Turbo’ Conwell, Principal Data Scientist ,  DomainTools
August 11, 2020
The internet's DNS infrastructure finds and returns the domain's IP address, and then that person can browser the domain's web site.
When someone enters a domain name in their browser, their system first looks up the domain's IP address using the DNS protocol. The internet's DNS infrastructure finds and returns the domain's IP address, and then that person can browser the domain's web site. Before DoH (DNS over HTTPS) this all happened unencrypted, so anyone sitting in the middle of DNS lookup, like an ISP or China's Great F ....
[Read More >>]
Richard Bejtlich , Principal Security Strategist,  Corelight
August 11, 2020
The Chinese Communist Party decided that level of encryption was beyond the capabilities of their Great Firewall to inspect.
Those who developed TLS 1.3 and ESNI believed that they could enable privacy by encrypting almost every aspect of a connection. The Chinese Communist Party decided that level of encryption was beyond the capabilities of their Great Firewall to inspect, so they are now blocking *all* TLS 1.3 and ESNI connectivity. This is a setback for those in China trying to access the free Internet, and probably ....
[Read More >>]

If you are an expert on this topic:

Submit Your Expert Comments


In this article