#DEfO has completed #ECH implementation for #nginx and there is a pull request:

https://github.com/nginx/nginx/pull/840

If you want to see ECH in nginx sooner rather than later, please jump in and review, give feedback, thumbs up, etc.

#EncryptedClientHello #TLS #OpenSSL

OpenSSL ECH integration by sftcd · Pull Request #840 · nginx/nginx

Proposed changes This PR adds Encrypted Client Hello (ECH) functionality to NGINX, when using OpenSSL for TLS. This addresses #266 Notes: ECH is not yet part of an OpenSSL release. We'd hope E...

GitHub

Cloudflare Asks Court to End LaLiga's "Illegal" Blocking Response to Encrypted Client Hello * TorrentFreak

Cloudflare has asked a Spanish court to declare LaLiga's “disproportionate” piracy blocking measures illegal.

It is now possible to use #Python as an #ECH client using the DEfO development fork:
https://guardianproject.info/2025/01/10/using-tls-ech-from-python/

#TLS #EncryptedClientHello

Using TLS ECH from Python

At first, the idea of encrypting more of the metadata found inside the initial packet (the “ClientHello”) of a TLS connection may seem simple and obvious, but there are of course reasons that this wasn’t done right from the start. In this post I will describe the flow of a connection using Encrypted Client Hello (ECH) to protect the metadata fields, and present a working code example using a fork of CPython built with DEfO project’s OpenSSL fork to connect to ECH-enabled HTTPS servers.

Guardian Project

Roskomnadzor has begun blocking sites that use Cloudflare's ECH (Encrypted Client Hello) encryption.

Cloudflare recently rolled out ECH for all sites on its servers, which is 24 million pages.

- Active ECH encryption violates Russian law, since it makes it possible to circumvent restrictions on access to information banned in Russia.

Users in Russia have already begun complaining that thousands of sites using ECH are unavailable.

Roskomnadzor advises site owners to stop using the CloudFlare CDN service and switch to domestic CDN services.

src:
https://portal.noc.gov.ru/ru/news/2024/11/07/%D1%80%D0%B5%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D0%B4%D1%83%D0%B5%D0%BC-%D0%BE%D1%82%D0%BA%D0%B0%D0%B7%D0%B0%D1%82%D1%8C%D1%81%D1%8F-%D0%BE%D1%82-cdn-%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%D0%B0-cloudflare/
https://habr.com/ru/news/856722/

#ркн #Роскомнадзор #ркн_заебал #cloudflare #ech #encryptedclienthello #rf #рф

We recommend abandoning the CloudFlare CDN service | News

Given my work on #privacy, #censorship circumvention, #ech, etc. this #Brazil #Musk case is giving me pause. I have lots of questions, but no clear answers yet. Are there parallels to the DoH case here? Is making the internet more private contributing to centralization of power? e.g. billionaires like Musk can broadcast over the whole internet whatever they want, and governments have no power to stop it. The 99% do have to follow our govs.

#EncryptedClientHello #internet

ValdikSS (@ValdikSS) on X

CloudFlare has enabled Encrypted ClientHello (ECH) support on some of the hosted domains. The single configuration is used for every domain, with https://t.co/jBNNLhXiqZ as a canary domain (used in TLS SNI).

X (formerly Twitter)

#golang's core crypto/tls library merged client #ECH support! It should be included in the Go v1.23 release. Server-side support is still in the works.

https://go-review.googlesource.com/c/go/+/578575

#EncryptedClientHello

ECH experimental by sftcd · Pull Request #11922 · curl/curl

This is an (as-promised, on the mailing list) early pull request for adding HTTPS RR and ECH support to cURL, that has had so far minimal testing when using OpenSSL or wolfSSL as the TLS provider, b...

GitHub

@CCC this gives me renewed energy for continuing to work on #TLS #EncryptedClientHello (#ECH).

For people asking why Encrypted Client Hello is so important:

https://techcrunch.com/2024/01/26/national-security-agency-americans-internet-browsing-records-warrantless/

Even if you are using DOH (or ODoH), your ISP can see what websites you're visiting (and then sell to NSA) by inspecting the certificate SNI field. Even with Encrypted SNI (ESNI), there are artifacts of the TLS session establishment leaked that can be used for TLS Fingerprinting - things like ALPN, and cipher suite.

#privacy #EncryptedClientHello #ECH

NSA is buying Americans' internet browsing records without a warrant | TechCrunch

"Web browsing records can reveal sensitive, private information about a person based on where they go on the internet," said Sen. Ron Wyden.

TechCrunch