Filip Troníček

Confused with Open VSX, VS Code and so much more @gitpod-io

@filiptronicek
[email protected]
Prague, Czechia
X
LinkedIn

Home

Cloudflare disables Encrypted Client Hello

Published Jan 02, 2024

In late October, Cloudflare informed via their forum that they were disabling ECH on all sites they manage, due to “issues”1. This is quite sad and surprising news, as ECH was a great step forward for privacy on the web and Cloudflare is the first big player driving adoption of the standard.

Hence, as of today, ECH is not enabled on any of the top 100,000 sites, as per the Cloudflare Radar domain list. At least, if we’re starting at 0, we can only go up from here.

Also, have a Happy New Year!

  1. Personally, I believe these to be political rather than technical in nature. As I wrote in the first episode of this series, networks with security policies can be easily worked around using ECH, and it also may be the case that those issues will need to be resolved first, before ECH can be rolled out to everyone.