Filip's Blog


How that ML-KEM is doing

Published

Hey all! Some time has passed already and I felt like giving you all an update on how the adoption of Encrypted Client Hello and ML-KEM is doing. There’s not too much I need to tell you in long sentences, so let’s do bullet points this time around instead:

Post-quantum adoption

  • today, close to 50% of human internet traffic that routes through Cloudflare negotiates a post-quantum hybrid key exchange, either the standardized X25519MLKEM768 or the pre-standard X25519Kyber768 (for HTTP/3 traffic, this jumps to about 65%!) [1]
  • since last time, both Chrome and Firefox have switched from the draft X25519Kyber768 hybrid to the now standardized ML-KEM (X25519MLKEM768). If you’re not into threat actors harvesting your pre-quantum Safari traffic today so they can decrypt it later, upgrade your software to (mac|i|iPad|tv|watch|vision)OS 26.
  • OpenSSL 3.5.0 shipped with native support for ML-KEM
  • of the 10,000 most popular domains according to Cloudflare Radar, about 52% negotiate ML-KEM when you connect to them
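Numbers like the ones above come from looking at what key exchange each client actually offers. As an added example (not code from this post or from Cloudflare’s tooling), here is a small Python classifier that parses the supported_groups and key_share extensions of a TLS ClientHello and reports whether the client offers the standardized X25519MLKEM768 hybrid, the pre-standard X25519Kyber768Draft00, or only classical groups. The code points are the registered ones (0x11EC, 0x11EB, 0x6399, 0x001D, 0x0017); the ClientHello samples are constructed inline with all-zero key material, and `build_client_hello` exists only to produce them.

```python
"""Classify a TLS ClientHello by the key-exchange groups it offers (added example).

Code points (IANA TLS Supported Groups / hybrid key-exchange drafts):
  0x001D x25519                 classical
  0x6399 X25519Kyber768Draft00  pre-standard hybrid ("X25519Kyber768" traffic)
  0x11EC X25519MLKEM768         standardized hybrid (post-switch Chrome/Firefox)
  0x11EB SecP256r1MLKEM768      standardized hybrid, P-256 flavour
"""
import struct

EXT_SUPPORTED_GROUPS = 10
EXT_KEY_SHARE = 51
ML_KEM_768_EK_LEN = 1184                      # FIPS 203 encapsulation-key size
PQ_STANDARD = {0x11EC, 0x11EB}
PQ_DRAFT = {0x6399}
# Expected key_exchange length per hybrid group (classical part + ML-KEM/Kyber part).
EXPECTED_SHARE_LEN = {0x11EC: ML_KEM_768_EK_LEN + 32, 0x11EB: 65 + ML_KEM_768_EK_LEN,
                      0x6399: 32 + ML_KEM_768_EK_LEN}


def _u(buf, pos, n):
    """Read an n-byte big-endian integer, refusing to run off the end of the buffer."""
    if pos + n > len(buf):
        raise ValueError(f"truncated at offset {pos}")
    return int.from_bytes(buf[pos:pos + n], "big"), pos + n


def _vec(buf, pos, len_bytes):
    """Read a TLS length-prefixed vector whose length field is len_bytes wide."""
    ln, pos = _u(buf, pos, len_bytes)
    if pos + ln > len(buf):
        raise ValueError(f"vector at offset {pos} overruns buffer")
    return buf[pos:pos + ln], pos + ln


def parse_client_hello(record: bytes) -> dict:
    """Return supported_groups and {group: key_exchange length} from a ClientHello record."""
    ctype, p = _u(record, 0, 1)
    if ctype != 0x16:
        raise ValueError("not a handshake record")
    _legacy_ver, p = _u(record, p, 2)
    frag, p = _vec(record, p, 2)
    htype, q = _u(frag, 0, 1)
    if htype != 0x01:
        raise ValueError("not a ClientHello")
    body, q = _vec(frag, q, 3)
    r = 2 + 32                                  # skip legacy_version and random
    _sid, r = _vec(body, r, 1)
    _suites, r = _vec(body, r, 2)
    _comp, r = _vec(body, r, 1)
    exts, r = _vec(body, r, 2)
    groups, shares, e = [], {}, 0
    while e < len(exts):
        etype, e = _u(exts, e, 2)
        edata, e = _vec(exts, e, 2)
        if etype == EXT_SUPPORTED_GROUPS:
            lst, _ = _vec(edata, 0, 2)
            groups = [int.from_bytes(lst[i:i + 2], "big") for i in range(0, len(lst), 2)]
        elif etype == EXT_KEY_SHARE:
            lst, _ = _vec(edata, 0, 2)
            k = 0
            while k < len(lst):
                g, k = _u(lst, k, 2)
                kx, k = _vec(lst, k, 2)
                shares[g] = len(kx)
    return {"supported_groups": groups, "key_shares": shares}


def classify(record: bytes) -> str:
    """'ml-kem', 'kyber-draft', 'pq-capable-no-share', 'classical' or 'malformed'."""
    info = parse_client_hello(record)
    shares = info["key_shares"]
    for g, n in shares.items():
        if g in EXPECTED_SHARE_LEN and n != EXPECTED_SHARE_LEN[g]:
            return "malformed"                  # wrong-sized hybrid share: not a real client
    if PQ_STANDARD & set(shares):
        return "ml-kem"
    if PQ_DRAFT & set(shares):
        return "kyber-draft"
    if PQ_STANDARD & set(info["supported_groups"]):
        return "pq-capable-no-share"            # server would need a HelloRetryRequest first
    return "classical"


def build_client_hello(supported_groups, key_shares) -> bytes:
    """Constructed ClientHello for the samples: zero random, one cipher suite, dummy shares."""
    sg = b"".join(struct.pack(">H", g) for g in supported_groups)
    ks = b"".join(struct.pack(">HH", g, len(kx)) + kx for g, kx in key_shares)
    exts = (struct.pack(">HHH", EXT_SUPPORTED_GROUPS, len(sg) + 2, len(sg)) + sg
            + struct.pack(">HHH", EXT_KEY_SHARE, len(ks) + 2, len(ks)) + ks)
    body = (b"\x03\x03" + bytes(32)            # legacy_version, random (dummy zeros)
            + b"\x00"                          # empty legacy_session_id
            + b"\x00\x02\x13\x01"              # cipher_suites: TLS_AES_128_GCM_SHA256
            + b"\x01\x00"                      # legacy_compression_methods: null only
            + struct.pack(">H", len(exts)) + exts)
    hs = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x03" + struct.pack(">H", len(hs)) + hs


# Constructed samples: all-zero key material, but the share lengths are what real clients send.
MODERN_HELLO = build_client_hello([0x11EC, 0x001D, 0x0017], [(0x11EC, bytes(1216)), (0x001D, bytes(32))])
DRAFT_HELLO = build_client_hello([0x6399, 0x001D], [(0x6399, bytes(1216)), (0x001D, bytes(32))])
LEGACY_HELLO = build_client_hello([0x001D, 0x0017], [(0x001D, bytes(32))])
```

Feed `classify()` the first record of a captured TLS session (e.g. the bytes of the ClientHello from a pcap) and you get the same three buckets the adoption graphs use. The length check matters: a hybrid share that is not 1216 bytes is a scanner or a broken client, not a browser, and counting it would inflate the “post-quantum” share.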

Encrypted Client Hello

  • ECH is now usable in curl when you build it against DEfO’s OpenSSL fork (stock OpenSSL does not ship ECH yet). Instructions are on GitHub
  • even though Safari is supportive of the idea of ECH, the lack of first-party DoH support in the browser is likely holding back any progress on this front: the ECH config is fetched from the site’s HTTPS DNS record, and without encrypted DNS the hostname still leaks in the DNS query, so ECH on its own would buy little
  • in Firefox, ECH is enabled by default, but enterprises or parents can turn it off through policies, e.g. for content filtering
  • the Russian government is taking an official stance against ECH, stating that it is “circumventing restrictions on access to information” [2] [source]
  • in June we got the 25th revision of the ECH draft (draft-ietf-tls-esni-25), with reports pointing to an upcoming RFC publication. Is this perhaps the motivation the Safari team needed? [source]
  • from the same dataset of 10,000 most popular domains, only about 5.4% both published an ECH config in DNS and accepted an ECH connection. Compare that with the 52% for ML-KEM: a post-quantum key exchange only needs a server-side software update, while ECH also needs a DNS record and a server that can decrypt the inner ClientHello
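A domain “offers” ECH when its HTTPS DNS record carries an `ech=` SvcParam, which is a base64-encoded ECHConfigList. As an added example (not the post’s own measurement code), here is a Python parser for that structure as defined in draft-ietf-tls-esni (ECHConfig version 0xfe0d), plus a `usable_configs()` check that mirrors what a client does before it will even attempt ECH: it needs at least one config with a KEM and a KDF/AEAD pair it knows. The sample value is constructed here with a dummy all-zero X25519 key and a made-up public name; a real one is the `ech=` value you get from `dig +short example.com HTTPS`.

```python
"""Parse the ECHConfigList from an HTTPS record's `ech=` SvcParam (added example).

Wire format follows draft-ietf-tls-esni for ECHConfig version 0xfe0d.
"""
import base64
import struct
from dataclasses import dataclass

ECH_VERSION = 0xFE0D        # the version deployed clients and Cloudflare actually speak

# HPKE identifiers (RFC 9180) seen in published configs; anything else is "unusable" for us.
KEM_NAMES = {0x0010: "DHKEM(P-256,HKDF-SHA256)", 0x0020: "DHKEM(X25519,HKDF-SHA256)"}
KDF_NAMES = {0x0001: "HKDF-SHA256", 0x0002: "HKDF-SHA384", 0x0003: "HKDF-SHA512"}
AEAD_NAMES = {0x0001: "AES-128-GCM", 0x0002: "AES-256-GCM", 0x0003: "ChaCha20Poly1305"}
KEM_PUBKEY_LEN = {0x0010: 65, 0x0020: 32}


class ECHParseError(ValueError):
    pass


@dataclass
class ECHConfig:
    config_id: int
    kem_id: int
    public_key: bytes
    cipher_suites: list          # [(kdf_id, aead_id), ...]
    maximum_name_length: int
    public_name: str
    extensions: bytes


def _take(buf, pos, n):
    if pos + n > len(buf):
        raise ECHParseError(f"truncated at offset {pos}: need {n} bytes")
    return buf[pos:pos + n], pos + n


def _vec(buf, pos, len_bytes):
    """TLS-style length-prefixed opaque vector."""
    raw, pos = _take(buf, pos, len_bytes)
    return _take(buf, pos, int.from_bytes(raw, "big"))


def parse_ech_config_list(data: bytes) -> list:
    """ECHConfigList = ECHConfig<4..2^16-1>; configs of unknown version are skipped, not rejected."""
    lst, end = _vec(data, 0, 2)
    if end != len(data):
        raise ECHParseError("trailing bytes after ECHConfigList")
    configs, p = [], 0
    while p < len(lst):
        ver_raw, p = _take(lst, p, 2)
        body, p = _vec(lst, p, 2)
        if int.from_bytes(ver_raw, "big") == ECH_VERSION:
            configs.append(_parse_contents(body))
    return configs


def _parse_contents(body: bytes) -> ECHConfig:
    """ECHConfigContents: HpkeKeyConfig, maximum_name_length, public_name, extensions."""
    cid, p = _take(body, 0, 1)
    kem_raw, p = _take(body, p, 2)
    kem_id = int.from_bytes(kem_raw, "big")
    pk, p = _vec(body, p, 2)
    if kem_id in KEM_PUBKEY_LEN and len(pk) != KEM_PUBKEY_LEN[kem_id]:
        raise ECHParseError(f"public key length {len(pk)} does not match KEM 0x{kem_id:04x}")
    suites_raw, p = _vec(body, p, 2)
    if not suites_raw or len(suites_raw) % 4:
        raise ECHParseError("cipher_suites must be a non-empty list of (kdf, aead) pairs")
    suites = [struct.unpack(">HH", suites_raw[i:i + 4]) for i in range(0, len(suites_raw), 4)]
    mnl, p = _take(body, p, 1)
    name, p = _vec(body, p, 1)
    if not name:
        raise ECHParseError("public_name must be non-empty")
    ext, p = _vec(body, p, 2)
    if p != len(body):
        raise ECHParseError("trailing bytes inside ECHConfig")
    return ECHConfig(cid[0], kem_id, pk, suites, mnl[0], name.decode("ascii"), ext)


def usable_configs(ech_param_b64: str) -> list:
    """Configs a client could actually use: known KEM plus at least one known KDF/AEAD pair."""
    out = []
    for c in parse_ech_config_list(base64.b64decode(ech_param_b64)):
        if c.kem_id in KEM_NAMES and any(k in KDF_NAMES and a in AEAD_NAMES for k, a in c.cipher_suites):
            out.append(c)
    return out


def build_ech_config_list(config_id, kem_id, public_key, suites, public_name, max_name_len=0):
    """Encoder used only to construct the sample below; a real value comes from DNS."""
    suites_raw = b"".join(struct.pack(">HH", k, a) for k, a in suites)
    name = public_name.encode("ascii")
    body = (bytes([config_id]) + struct.pack(">H", kem_id)
            + struct.pack(">H", len(public_key)) + public_key
            + struct.pack(">H", len(suites_raw)) + suites_raw
            + bytes([max_name_len, len(name)]) + name
            + b"\x00\x00")                                  # empty extensions
    cfg = struct.pack(">HH", ECH_VERSION, len(body)) + body
    return struct.pack(">H", len(cfg)) + cfg


# Constructed sample: X25519 KEM with a dummy all-zero key, two suites, made-up public name.
SAMPLE_ECH_PARAM = base64.b64encode(build_ech_config_list(
    0x42, 0x0020, bytes(32), [(0x0001, 0x0001), (0x0001, 0x0003)], "ech-public.example")).decode()
```

If the record parses but `usable_configs()` comes back empty (unknown KEM, unknown suite, or only an unrecognised version), a client quietly proceeds without ECH, which is one reason “published an ECH record” and “accepted an ECH connection” are two different numbers in a dataset like the one above.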

Footnotes

  1. Data from Cloudflare Radar 

  2. And even worse, they miscapitalized Cloudflare in the official statement :(