{"id":8969,"date":"2020-08-14T17:38:56","date_gmt":"2020-08-14T21:38:56","guid":{"rendered":"http:\/\/local.brightwhiz\/?p=8969"},"modified":"2024-02-22T15:31:37","modified_gmt":"2024-02-22T12:31:37","slug":"china-blocking-encrypted-https-traffic","status":"publish","type":"post","link":"http:\/\/local.brightwhiz\/china-blocking-encrypted-https-traffic\/","title":{"rendered":"China Blocking Encrypted HTTPS Traffic Using TLS 1.3 and ESNI"},"content":{"rendered":"\n<p>As of the end of July 2020, China is blocking encrypted HTTPS traffic that uses TLS 1.3 and ESNI. These changes from the Chinese Government came in after an update to its national censorship tool, known as the Great Firewall (GFW) kicked in.<\/p>\n\n\n\n<p>Chinese officials are targeting connections that are being set up using modern, interception-proof protocols and technologies such as TLS 1.3 and ESNI (<a href=\"http:\/\/local.brightwhiz\/tag\/encryption\">Encrypted<\/a> Server Name Indication).<\/p>\n\n\n\n<p>Other HTTPS traffic that uses older versions of the same protocols such as TLS 1.1 or 1.2, or SNI (Server Name Indication) are still allowed through the Great Firewall.<\/p>\n\n\n\n<p>TLS is the protocol used for secure communication on the <a href=\"http:\/\/local.brightwhiz\/tag\/web\">web<\/a> (HTTPS). It provides authenticated encryption so that users know that they are communicating with the right service. It also ensures that an intermediary does not read or tamper with your information through Man-in-the-middle attacks.<\/p>\n\n\n\n<p>In HTTPS connections set up via the newer TLS 1.3, the SNI field can be hidden via ESNI that is the encrypted version of the old SNI. With HTTPS traffic using TLS 1.3 and ESNI, it makes it harder for Chinese officials to filter HTTPS traffic and control what content the Chinese population can access.<\/p>\n\n\n\n<p>But even though TLS hides the content of a user&#8217;s communication, it does not always conceal with whom the user is communicating. The TLS handshake, a process that kicks off a communication session, optionally contains a Server Name Indication (SNI) field that allows the user&#8217;s client to inform the server which website it wishes to communicate with.<\/p>\n\n\n\n<p>China blocking encrypted https traffic is not exactly new. Nation-based censors can use and have used the SNI field to block users from being able to communicate with certain destinations, and China has long been censoring HTTPS in this manner.<\/p>\n\n\n\n<p>Because with ESNI, this information is encrypted, therefore the Great Firewall of China blocks ESNI connections by dropping packets from client to server, it added without knowing who one is trying to communicate with.<\/p>\n\n\n\n<p>You can find out more details on China blocking encrypted HTTPS traffic from these three resources that broke the news. iYouPort, the<a href=\"https:\/\/geneva.cs.umd.edu\/posts\/china-censors-esni\/esni\/\" target=\"_blank\" rel=\"noreferrer noopener\"> University of Maryland<\/a>, and the <a href=\"https:\/\/gfw.report\/blog\/gfw_esni_blocking\/en\/\" target=\"_blank\" rel=\"noreferrer noopener\">Great Firewall Report<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>As of the end of July 2020, China is blocking encrypted HTTPS traffic that uses TLS 1.3 and ESNI. These changes from the Chinese Government came in after an update&#8230;<\/p>\n","protected":false},"author":1,"featured_media":8970,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[13,16,18],"tags":[223,313,320,397,526,591,635,636,643],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v22.3 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>China Blocking Encrypted HTTPS Traffic on TLS 1.3 and ESNI<\/title>\n<meta name=\"description\" content=\"China blocking encrypted HTTPS traffic that uses TLS 1.3 and ESNI after updates to its national censorship tool, the Great Firewall (GFW)\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/local.brightwhiz\/china-blocking-encrypted-https-traffic\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"China Blocking Encrypted HTTPS Traffic on TLS 1.3 and ESNI\" \/>\n<meta property=\"og:description\" content=\"China blocking encrypted HTTPS traffic that uses TLS 1.3 and ESNI after updates to its national censorship tool, the Great Firewall (GFW)\" \/>\n<meta property=\"og:url\" content=\"http:\/\/local.brightwhiz\/china-blocking-encrypted-https-traffic\/\" \/>\n<meta property=\"og:site_name\" content=\"Brightwhiz.com\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/brightwhiz\/\" \/>\n<meta property=\"article:published_time\" content=\"2020-08-14T21:38:56+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-02-22T12:31:37+00:00\" \/>\n<meta property=\"og:image\" content=\"http:\/\/local.brightwhiz\/wp-content\/uploads\/2020\/08\/china-blocking-encrypted-https.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"630\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Michael Bright\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@brightwhizmag\" \/>\n<meta name=\"twitter:site\" content=\"@brightwhizmag\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Michael Bright\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"http:\/\/local.brightwhiz\/china-blocking-encrypted-https-traffic\/#article\",\"isPartOf\":{\"@id\":\"http:\/\/local.brightwhiz\/china-blocking-encrypted-https-traffic\/\"},\"author\":{\"name\":\"Michael Bright\",\"@id\":\"http:\/\/local.brightwhiz\/#\/schema\/person\/81f0f3126f13834ae2e7f381b3028e32\"},\"headline\":\"China Blocking Encrypted HTTPS Traffic Using TLS 1.3 and ESNI\",\"datePublished\":\"2020-08-14T21:38:56+00:00\",\"dateModified\":\"2024-02-22T12:31:37+00:00\",\"mainEntityOfPage\":{\"@id\":\"http:\/\/local.brightwhiz\/china-blocking-encrypted-https-traffic\/\"},\"wordCount\":363,\"publisher\":{\"@id\":\"http:\/\/local.brightwhiz\/#organization\"},\"image\":{\"@id\":\"http:\/\/local.brightwhiz\/china-blocking-encrypted-https-traffic\/#primaryimage\"},\"thumbnailUrl\":\"http:\/\/local.brightwhiz\/wp-content\/uploads\/2020\/08\/china-blocking-encrypted-https.jpg\",\"keywords\":[\"Encryption\",\"InfoSec\",\"Internet\",\"Networking\",\"Security\",\"Tools\",\"Web\",\"Web Applications\",\"Websites\"],\"articleSection\":[\"News\",\"Technology\",\"Tools\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"http:\/\/local.brightwhiz\/china-blocking-encrypted-https-traffic\/\",\"url\":\"http:\/\/local.brightwhiz\/china-blocking-encrypted-https-traffic\/\",\"name\":\"China Blocking Encrypted HTTPS Traffic on TLS 1.3 and ESNI\",\"isPartOf\":{\"@id\":\"http:\/\/local.brightwhiz\/#website\"},\"primaryImageOfPage\":{\"@id\":\"http:\/\/local.brightwhiz\/china-blocking-encrypted-https-traffic\/#primaryimage\"},\"image\":{\"@id\":\"http:\/\/local.brightwhiz\/china-blocking-encrypted-https-traffic\/#primaryimage\"},\"thumbnailUrl\":\"http:\/\/local.brightwhiz\/wp-content\/uploads\/2020\/08\/china-blocking-encrypted-https.jpg\",\"datePublished\":\"2020-08-14T21:38:56+00:00\",\"dateModified\":\"2024-02-22T12:31:37+00:00\",\"description\":\"China blocking encrypted HTTPS traffic that uses TLS 1.3 and ESNI after updates to its national censorship tool, the Great Firewall (GFW)\",\"breadcrumb\":{\"@id\":\"http:\/\/local.brightwhiz\/china-blocking-encrypted-https-traffic\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/local.brightwhiz\/china-blocking-encrypted-https-traffic\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"http:\/\/local.brightwhiz\/china-blocking-encrypted-https-traffic\/#primaryimage\",\"url\":\"http:\/\/local.brightwhiz\/wp-content\/uploads\/2020\/08\/china-blocking-encrypted-https.jpg\",\"contentUrl\":\"http:\/\/local.brightwhiz\/wp-content\/uploads\/2020\/08\/china-blocking-encrypted-https.jpg\",\"width\":1200,\"height\":630,\"caption\":\"China Blocking Encrypted HTTPS\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/local.brightwhiz\/china-blocking-encrypted-https-traffic\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"http:\/\/local.brightwhiz\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"China Blocking Encrypted HTTPS Traffic Using TLS 1.3 and ESNI\"}]},{\"@type\":\"WebSite\",\"@id\":\"http:\/\/local.brightwhiz\/#website\",\"url\":\"http:\/\/local.brightwhiz\/\",\"name\":\"Brightwhiz.com\",\"description\":\"Best Tech guides, Tutorials, and News\",\"publisher\":{\"@id\":\"http:\/\/local.brightwhiz\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/local.brightwhiz\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"http:\/\/local.brightwhiz\/#organization\",\"name\":\"Brightwhiz\",\"url\":\"http:\/\/local.brightwhiz\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"http:\/\/local.brightwhiz\/#\/schema\/logo\/image\/\",\"url\":\"http:\/\/local.brightwhiz\/wp-content\/uploads\/2021\/11\/brightwhiz-com-logo-orange.png\",\"contentUrl\":\"http:\/\/local.brightwhiz\/wp-content\/uploads\/2021\/11\/brightwhiz-com-logo-orange.png\",\"width\":706,\"height\":135,\"caption\":\"Brightwhiz\"},\"image\":{\"@id\":\"http:\/\/local.brightwhiz\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/brightwhiz\/\",\"https:\/\/twitter.com\/brightwhizmag\",\"https:\/\/instagram.com\/bright_whiz\/\",\"https:\/\/www.pinterest.com\/sobbayi\/\",\"https:\/\/www.youtube.com\/channel\/UC6sCdP_d_RiTIM7ErFT-PSQ\"]},{\"@type\":\"Person\",\"@id\":\"http:\/\/local.brightwhiz\/#\/schema\/person\/81f0f3126f13834ae2e7f381b3028e32\",\"name\":\"Michael Bright\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"http:\/\/local.brightwhiz\/#\/schema\/person\/image\/\",\"url\":\"http:\/\/1.gravatar.com\/avatar\/da90485875ff0aafa38fdd494abe87d1?s=96&d=mm&r=g\",\"contentUrl\":\"http:\/\/1.gravatar.com\/avatar\/da90485875ff0aafa38fdd494abe87d1?s=96&d=mm&r=g\",\"caption\":\"Michael Bright\"},\"sameAs\":[\"https:\/\/sobbayi.com\"],\"url\":\"http:\/\/local.brightwhiz\/author\/sobbayiadmin\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"China Blocking Encrypted HTTPS Traffic on TLS 1.3 and ESNI","description":"China blocking encrypted HTTPS traffic that uses TLS 1.3 and ESNI after updates to its national censorship tool, the Great Firewall (GFW)","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/local.brightwhiz\/china-blocking-encrypted-https-traffic\/","og_locale":"en_US","og_type":"article","og_title":"China Blocking Encrypted HTTPS Traffic on TLS 1.3 and ESNI","og_description":"China blocking encrypted HTTPS traffic that uses TLS 1.3 and ESNI after updates to its national censorship tool, the Great Firewall (GFW)","og_url":"http:\/\/local.brightwhiz\/china-blocking-encrypted-https-traffic\/","og_site_name":"Brightwhiz.com","article_publisher":"https:\/\/www.facebook.com\/brightwhiz\/","article_published_time":"2020-08-14T21:38:56+00:00","article_modified_time":"2024-02-22T12:31:37+00:00","og_image":[{"width":1200,"height":630,"url":"http:\/\/local.brightwhiz\/wp-content\/uploads\/2020\/08\/china-blocking-encrypted-https.jpg","type":"image\/jpeg"}],"author":"Michael Bright","twitter_card":"summary_large_image","twitter_creator":"@brightwhizmag","twitter_site":"@brightwhizmag","twitter_misc":{"Written by":"Michael Bright","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"http:\/\/local.brightwhiz\/china-blocking-encrypted-https-traffic\/#article","isPartOf":{"@id":"http:\/\/local.brightwhiz\/china-blocking-encrypted-https-traffic\/"},"author":{"name":"Michael Bright","@id":"http:\/\/local.brightwhiz\/#\/schema\/person\/81f0f3126f13834ae2e7f381b3028e32"},"headline":"China Blocking Encrypted HTTPS Traffic Using TLS 1.3 and ESNI","datePublished":"2020-08-14T21:38:56+00:00","dateModified":"2024-02-22T12:31:37+00:00","mainEntityOfPage":{"@id":"http:\/\/local.brightwhiz\/china-blocking-encrypted-https-traffic\/"},"wordCount":363,"publisher":{"@id":"http:\/\/local.brightwhiz\/#organization"},"image":{"@id":"http:\/\/local.brightwhiz\/china-blocking-encrypted-https-traffic\/#primaryimage"},"thumbnailUrl":"http:\/\/local.brightwhiz\/wp-content\/uploads\/2020\/08\/china-blocking-encrypted-https.jpg","keywords":["Encryption","InfoSec","Internet","Networking","Security","Tools","Web","Web Applications","Websites"],"articleSection":["News","Technology","Tools"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"http:\/\/local.brightwhiz\/china-blocking-encrypted-https-traffic\/","url":"http:\/\/local.brightwhiz\/china-blocking-encrypted-https-traffic\/","name":"China Blocking Encrypted HTTPS Traffic on TLS 1.3 and ESNI","isPartOf":{"@id":"http:\/\/local.brightwhiz\/#website"},"primaryImageOfPage":{"@id":"http:\/\/local.brightwhiz\/china-blocking-encrypted-https-traffic\/#primaryimage"},"image":{"@id":"http:\/\/local.brightwhiz\/china-blocking-encrypted-https-traffic\/#primaryimage"},"thumbnailUrl":"http:\/\/local.brightwhiz\/wp-content\/uploads\/2020\/08\/china-blocking-encrypted-https.jpg","datePublished":"2020-08-14T21:38:56+00:00","dateModified":"2024-02-22T12:31:37+00:00","description":"China blocking encrypted HTTPS traffic that uses TLS 1.3 and ESNI after updates to its national censorship tool, the Great Firewall (GFW)","breadcrumb":{"@id":"http:\/\/local.brightwhiz\/china-blocking-encrypted-https-traffic\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["http:\/\/local.brightwhiz\/china-blocking-encrypted-https-traffic\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"http:\/\/local.brightwhiz\/china-blocking-encrypted-https-traffic\/#primaryimage","url":"http:\/\/local.brightwhiz\/wp-content\/uploads\/2020\/08\/china-blocking-encrypted-https.jpg","contentUrl":"http:\/\/local.brightwhiz\/wp-content\/uploads\/2020\/08\/china-blocking-encrypted-https.jpg","width":1200,"height":630,"caption":"China Blocking Encrypted HTTPS"},{"@type":"BreadcrumbList","@id":"http:\/\/local.brightwhiz\/china-blocking-encrypted-https-traffic\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"http:\/\/local.brightwhiz\/"},{"@type":"ListItem","position":2,"name":"China Blocking Encrypted HTTPS Traffic Using TLS 1.3 and ESNI"}]},{"@type":"WebSite","@id":"http:\/\/local.brightwhiz\/#website","url":"http:\/\/local.brightwhiz\/","name":"Brightwhiz.com","description":"Best Tech guides, Tutorials, and News","publisher":{"@id":"http:\/\/local.brightwhiz\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/local.brightwhiz\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"http:\/\/local.brightwhiz\/#organization","name":"Brightwhiz","url":"http:\/\/local.brightwhiz\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"http:\/\/local.brightwhiz\/#\/schema\/logo\/image\/","url":"http:\/\/local.brightwhiz\/wp-content\/uploads\/2021\/11\/brightwhiz-com-logo-orange.png","contentUrl":"http:\/\/local.brightwhiz\/wp-content\/uploads\/2021\/11\/brightwhiz-com-logo-orange.png","width":706,"height":135,"caption":"Brightwhiz"},"image":{"@id":"http:\/\/local.brightwhiz\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/brightwhiz\/","https:\/\/twitter.com\/brightwhizmag","https:\/\/instagram.com\/bright_whiz\/","https:\/\/www.pinterest.com\/sobbayi\/","https:\/\/www.youtube.com\/channel\/UC6sCdP_d_RiTIM7ErFT-PSQ"]},{"@type":"Person","@id":"http:\/\/local.brightwhiz\/#\/schema\/person\/81f0f3126f13834ae2e7f381b3028e32","name":"Michael Bright","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"http:\/\/local.brightwhiz\/#\/schema\/person\/image\/","url":"http:\/\/1.gravatar.com\/avatar\/da90485875ff0aafa38fdd494abe87d1?s=96&d=mm&r=g","contentUrl":"http:\/\/1.gravatar.com\/avatar\/da90485875ff0aafa38fdd494abe87d1?s=96&d=mm&r=g","caption":"Michael Bright"},"sameAs":["https:\/\/sobbayi.com"],"url":"http:\/\/local.brightwhiz\/author\/sobbayiadmin\/"}]}},"_links":{"self":[{"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/posts\/8969"}],"collection":[{"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/comments?post=8969"}],"version-history":[{"count":1,"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/posts\/8969\/revisions"}],"predecessor-version":[{"id":13758,"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/posts\/8969\/revisions\/13758"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/media\/8970"}],"wp:attachment":[{"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/media?parent=8969"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/categories?post=8969"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/local.brightwhiz\/wp-json\/wp\/v2\/tags?post=8969"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}