fix russian link · trnck.dev/blog@5f5b86e

trnck.dev / blog

fork atom

blog.trnck.dev

fork atom

fix russian link

Filip Troníček 5 months ago 5f5b86ed d04b17b3

+2 -1

1 changed file

expand all

_posts

2025-10-10-ciphertrails-checkin.md

+2 -1

_posts/2025-10-10-ciphertrails-checkin.md

··· 17 17 - using ECH is now possible in `curl` when building from [DEfO's OpenSSL](https://github.com/defo-project/openssl) fork. Instructions are [on GitHub](https://github.com/sftcd/curl/blob/ECH-experimental/docs/ECH.md) 18 18 - even though Safari is [supportive of the idea of ECH](https://github.com/WebKit/standards-positions/issues/46#issuecomment-1334681742), the lack of first-party support of DOH in the browser is likely holding back any innovation on this front 19 19 - in Firefox, ECH's default enabled state can be tweaked by enterprises or parents using policies for content filtering 20 - - the Russian government is taking an official stance against ECH, stating it's "circumventing restrictions on access to information" [[source](https://portal.noc.gov.ru/ru/news/2024/11/07/]%D1%80%D0%B5%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D0%B4%D1%83%D0%B5%D0%BC-%D0%BE%D1%82%D0%BA%D0%B0%D0%B7%D0%B0%D1%82%D1%8C%D1%81%D1%8F-%D0%BE%D1%82-cdn-%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%D0%B0-cloudflare/)] 20 + - the Russian government is taking an official stance against ECH, stating it's "circumventing restrictions on access to information"[^2] [[source](https://portal.noc.gov.ru/ru/news/2024/11/07/%D1%80%D0%B5%D0%BA%D0%BE%D0%BC%D0%B5%D0%BD%D0%B4%D1%83%D0%B5%D0%BC-%D0%BE%D1%82%D0%BA%D0%B0%D0%B7%D0%B0%D1%82%D1%8C%D1%81%D1%8F-%D0%BE%D1%82-cdn-%D1%81%D0%B5%D1%80%D0%B2%D0%B8%D1%81%D0%B0-cloudflare/)] 21 21 - in June, we've gotten our 25th revision of the [ECH draft](https://datatracker.ietf.org/doc/draft-ietf-tls-esni/), with reports pointing to an upcoming official RFC publication – is this perhaps the motivation that the Safari team needed? [[source](https://www.feistyduck.com/newsletter/issue_127_encrypted_client_hello_approved_for_publication)] 22 22 - from the same dataset of 10 000 most popular domains, only about 5,4% offered and accepted an ECH connection 23 23 24 24 ## Footnotes 25 25 26 26 [^1]: Data from [Cloudflare Radar](https://radar.cloudflare.com/explorer?dataSet=http&groupBy=post_quantum&filters=botClass%253DLikely_Human&dt=1d) 27 + [^2]: And even worse, they miscapitalized Cloudflare in the official statement :\(