RT @chey_cobb: The Great Firewall of China blocks new HTTPS tech like TLS 1.3 and ESNI. Older versions not blocked, buuuut... Chinese censors can infer what domain a user is trying to connect to by examining the plaintext SNI fields.
a taste of things to come
the most insidious threats are ones most of us have no ability to conceptualize
🛰 corrupting core compute and connectivity infrastructure
🗝 controlling and manipulating information
Maybe...but you’re assuming that state secrets and communications aren’t encrypted by higher encryption standards. I have a feeling the Chinese government works on a “Do as we say, not as we do” model. Just personal opinion for now...but I’m sure there’s data to support this in multiple regards to how they manage their government (not just in a purely technical sense).
If they had bypassed it, they wouldn't need to ban it. The fact that they're resorting to a ban indicates that they don't currently have a good solution to dealing with unwanted or censored traffic using TLS1.3.
The focus here isn't tls 1.3 or encryption quality, it's specifically the ESNI feature in tls 1.3. The uk was also quite aggressive when Mozilla tried to roll out DoH, which would've enabled ESNI by default in uk.