Comment by narmiouh

> It’s also how browsers detect a website supports HTTP3

It's one way, but a H1/H2 connection can also be promoted to H3 via the alt-svc header. The DNS method is slightly better though since it potentially allows a client to utilize H3 immediately from the first request.

The biggest .st "service" is Aisuru botnet.

Weird. Or maybe someone looking up `te.st` a lot?

Encrypted DNS has existed for quite a while now through DNS over HTTPS, the missing link was that to connect to a website, you first had to send the server the hostname in plaintext to get the right public key for the site. So someone listening on the wire could not see your DNS requests but would effectively still get the site you connected to anyway.

The new development (encrypted client hello) is you no longer have to send the hostname. So someone listening in the middle would only see you connected to an AWS/etc IP. This will make blocking websites very difficult if they use shared services like cloudflare or cloud VPS hosting.

In principle, it means you could run multiple sites from the same IP and someone intercepting traffic to that IP (but not the client’s DNS path) couldn’t tell what site each connection was to. It mostly makes sense for CDNs, where the same IP will be used for many sites.

If you don’t use a CDN at all, the destination IP leaks what site you’re trying to connect to (if the domain is well known). If you use a CDN without ECH, you send an unencrypted domain name in the HTTPS negotiation so it’s visible there. ECH+CDN is an attempt to have the best of both worlds: your traffic to the site will not advertise what site you’re connecting to, but the IP can still be shared between a variety of sites.

It’ll be interesting to see how countries with lighter censorship schemes adapt - China etc. of course will just block the connection.

This is so you do not leak the host through TLS. Using DNS to serve an encryption key.

It’s not just encrypted server name indication (ESNI), it is the whole hello now (ECH)! So you don’t leak anything.

My read is you still leak the host with DNS. This only prevents leaking the host with SNI. A useful piece but not at all the holy grail.

That's not what this is about.

HTTPS is the name of a protocol, which is mostly used to make the World Wide Web work, but we do lots of other things with it, such as DNS-over-HTTPS aka DoH.

However HTTPS is also the name of a type of DNS record, this record contains everything you need to best reach the named HTTPS (protocol) server, and this is the type of record your parent didn't previously know about

In the boring case, say, 20 years ago, when you type https://some.name/stuff/hats.html into a web browser your browser goes "Huh, HTTPS to some.name. OK, I will find out the IPv4 address of some.name, and it makes a DNS query asking A? some.name. The DNS server answers with an IPv4 address, and then as the browser connects securely to that IP address, it asks to talk to some.name, and if the remote host can prove it is some.name, the browser says it wants /stuff/hats.html

Notice we have to tell the remote server who we hope they are - and it so happens eavesdroppers can listen in on this. This means Bad Guys can see that you wanted to visit some.name. They can't see that you wanted to read the document about hats, but they might be able to guess that from context, and wouldn't you rather they didn't know more than they need to?

With the HTTPS record, your web browser asks (over secure DNS if you have it) HTTPS? some.name and, maybe it gets a positive answer. If it does, the answer tells it not only where to try to connect, but also it can choose to provide instructions for a cover name to always use, and how to encrypt the real name, this is part of Encrypted Client Hello (or ECH)

Then the web server tells the server that it wants to talk to the cover name and it provides an encrypted version of some.name. Eavesdroppers can't decrypt that, so if many people share the same endpoints then eavesdropper can't tell which site you were visiting.

Now, if the server only contains documents about hats, this doesn't stop the Secret Hat Police from concluding that everybody connecting to that server is a Hat Pervert and needs to go to Hat Jail. But if you're a bulk host then you force such organisations to choose, they can enforce their rules equally for everything (You wanted to read News about Chickens? Too bad, Hat Jail for you) or they can accept that actually they don't know what people are reading (if this seems crazy, keep in mind that's how US Post worked for many years after Comstock failed, if you get a brown paper package posted to you, well, it's your business what is in there, and your state wasn't allowed to insist on ripping open the packaging to see whether it is pornography or communist propaganda)