TLS Encrypted Client Hello (ECH) - Chrome Platform Status

Feature: TLS Encrypted Client Hello (ECH)

This feature is only shown in the feature list to users with edit access.

The TLS Encrypted ClientHello (ECH) extension enables clients to encrypt ClientHello messages, which are normally sent in cleartext, under a server’s public key. This avoids leaking sensitive fields like the server name to the network. ECH is currently specified in draft-ietf-tls-esni-08. Note that earlier iterations of this specification were called Encrypted Server Name Indication, or ESNI.

Specification

Specification link

Status: Specification being incubated in a Community Group

Status in Chromium

Blink components: Internals>Network>SSL

Implementation status: No active development (tracking bug)

Consensus & Standardization

After a feature ships in Chrome, the values listed here are not guaranteed to be up to date.

Firefox: No signal
Safari: No signal
Web Developers: No signals

Owners

Intent to Prototype url

Intent to Prototype thread

Search tags

ech, esni,

Last updated on 2022-01-23