Good-bye ESNI, hello ECH!
Encrypted Client Hello (ECH) is a new extension for Transport Layer Security (TLS) that aims to enhance the privacy of critical internet protocols by encrypting metadata during the handshake process. ECH protects sensitive information such as Server Name Indication (SNI), which can be used to infer details about client-server communication, and lays the groundwork for future security features and performance enhancements while minimizing their impact on user privacy. The development of ECH is a collaborative effort between academics and tech industry leaders, including Cloudflare, Fastly, Mozilla, and others. While not yet ready for large-scale deployment, ECH represents a significant upgrade to the TLS protocol, building upon emerging technologies like DNS-over-HTTPS.
Company: Cloudflare
Date published: Dec. 8, 2020
Author(s): Christopher Patton
Word count: 3798
Hacker News points: 8
Language: English