Bulletproof TLS Newsletter #68
Great Firewall of China blocks encrypted SNI extension
27 Aug 2020
Author: Hanno Böck

This issue was distributed to 55,479 email subscribers.

Bulletproof TLS Newsletter is a free periodic newsletter bringing you commentary and news surrounding SSL/TLS and Internet PKI, designed to keep you informed about the latest developments in this space.

In this issue:

  1. Great Firewall of China blocks encrypted SNI extension
  2. Short news

Great Firewall of China blocks encrypted SNI extension

According to a joint report from iYouPort, the University of Maryland, and the Great Firewall Report, TLS connections using the preliminary encrypted SNI (ESNI) extension are being blocked in China.

Traditional SNI lets the client send a hostname within the TLS handshake, so that multiple TLS hosts with different certificates can share the same IP address and port. But the original SNI is sent unencrypted, which has sometimes been used to censor connections to specific hosts.

Encrypted SNI is an attempt to change this. The concept is to fetch an encryption key via DNS (which itself can be secured via DNS over HTTPS). It’s currently in draft form, but some hosting providers, such as Cloudflare, already implement it.

According to the report, TLS packets containing the ESNI extension are dropped. However, only an older extension ID is currently dropped; the newer ID used by the mechanism called Encrypted Client Hello (ECH), which is simply the latest version of ESNI, is currently still usable.
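Since the blocking described above keys on the extension ID in the ClientHello, the following added example (not code from the newsletter or the report) parses a TLS ClientHello record, lists its extension code points, extracts the plaintext SNI if present, and labels the hello the way a filter keyed on extension IDs would see it. The code points 0xffce (ESNI drafts) and 0xfe0d (ECH draft) are assumed from the IETF drafts, not taken from this page, and the ClientHello builder produces a constructed sample for testing.

```python
import struct
# Code points: SNI (0) is the IANA-assigned value; 0xffce (ESNI drafts) and
# 0xfe0d (ECH draft) are assumed from the IETF drafts, not from the newsletter.
EXT_SNI, EXT_ESNI, EXT_ECH = 0x0000, 0xffce, 0xfe0d

def parse_client_hello(record: bytes) -> dict:
    """Return the extension code points and plaintext SNI of a ClientHello record."""
    if len(record) < 9 or record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a TLS ClientHello record")
    body = record[5:5 + struct.unpack("!H", record[3:5])[0]]
    pos = 4 + 2 + 32                                      # header, version, random
    pos += 1 + body[pos]                                  # session id
    pos += 2 + struct.unpack("!H", body[pos:pos + 2])[0]  # cipher suites
    pos += 1 + body[pos]                                  # compression methods
    result = {"extensions": [], "sni": None}
    if pos >= len(body):
        return result                                     # no extensions block
    end = pos + 2 + struct.unpack("!H", body[pos:pos + 2])[0]
    pos += 2
    while pos + 4 <= end:
        ext_type, length = struct.unpack("!HH", body[pos:pos + 4])
        data = body[pos + 4:pos + 4 + length]
        pos += 4 + length
        result["extensions"].append(ext_type)
        if ext_type == EXT_SNI and len(data) >= 5:
            # list length (2), name type (1), name length (2), then the name
            name_len = struct.unpack("!H", data[3:5])[0]
            result["sni"] = data[5:5 + name_len].decode("ascii", "replace")
    return result

def classify(record: bytes) -> str:
    exts = parse_client_hello(record)
    if EXT_ESNI in exts["extensions"]:
        return "esni"
    if EXT_ECH in exts["extensions"]:
        return "ech"
    return "plaintext-sni" if exts["sni"] else "no-sni"

def build_client_hello(host=None, extra=()) -> bytes:
    """Constructed sample ClientHello (zero random, one suite) for testing."""
    exts = list(extra)
    if host:
        name = host.encode()
        entry = b"\x00" + struct.pack("!H", len(name)) + name
        exts.append((EXT_SNI, struct.pack("!H", len(entry)) + entry))
    ext_blob = b"".join(struct.pack("!HH", t, len(d)) + d for t, d in exts)
    hello = (b"\x03\x03" + bytes(32) + b"\x00" + b"\x00\x02\x13\x01" + b"\x01\x00"
             + struct.pack("!H", len(ext_blob)) + ext_blob)
    hs = b"\x01" + len(hello).to_bytes(3, "big") + hello
    return b"\x16\x03\x01" + struct.pack("!H", len(hs)) + hs
```

The same parser works on a captured ClientHello record read from a pcap; `classify` then shows whether a given client still exposes its hostname in the clear or carries the older or newer encrypted code point.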

The report discusses various ways to evade the blocking, but it’s likely that the blocking will be adapted to thwart those methods if they’re adopted. Whether ESNI will succeed may depend on whether it will be used widely enough to make complete blocking infeasible.

Short news