Remix clone Hacker News

TCP SYN is not encrypted, and neither is Client Hello. Even with TCP cookies and TLS session resumption, the initial packet is still unencrypted, and can be intercepted.

▲

haiku2077 4 days ago | parent [-]

Client Hello can be encrypted: https://support.mozilla.org/en-US/kb/understand-encrypted-cl...

▲

simiones 3 days ago | parent | next [-]

Oh, right, thanks for the correction!

However, ECH relies on a trusted 3rd party to provide the key of the server you are intending to talk to. So, it won't work if you have no way of authenticating the server beforehand the way GP was thinking about.

▲

EE84M3i 4 days ago | parent | prev [-]

Yes but this still depends on identity. It's not unauthenticated.

	▲	ekr____ 3 days ago \| parent [-]
		The situation is actually somewhat more complicated than this. ECH gets the key from the DNS, and there's no real authentication for this data (DNSSEC is rare and is not checked by the browser). See S 10.2 [0] for why this is reasonable. [0] https://tlswg.org/draft-ietf-tls-esni/draft-ietf-tls-esni.ht...