In general, the first time I heard about it, I was very happy that ClientHello TLS messages will be fully encrypted inside the QUIC protocol, since this is a big leap forward in privacy, and that there is no need for ESNI. But yesterday I saw this article (title: Parsing QUIC Client Hellos) on the Chromium project, which is written about parsing ClientHellos. Either I misunderstood something, or they mean decrypting ClientHellos on the server side and not by a person in the middle. There's a draft reference about an encryption standard, but as far as I understand it still depends on DNS. Can you correct me? Thanks.
*"... I was very happy that Clienthello Tls messages will be fully encrypted inside the QUIC protocol ..."* - I'm not sure what you've heard or read, but it was wrong or you've interpreted it wrongly. Apart from that - such questions are more on-topic at [security.se]. – Steffen Ullrich Dec 20 '20 at 16:50
1 Answer
2
ClientHello messages are encrypted in QUIC, but the keys are published in the QUIC specification and so the Initial packets are easily decrypted.
Dmitri
That's a different question! I may answer it if you accept my answer to the original. – Dmitri Jan 14 '21 at 20:15
If you'll answer all of the questions then :). Btw, it's done. I read about a new extension to TLS 1.3, Encrypted Client Hello, which should fix this issue. https://blog.cloudflare.com/encrypted-client-hello/ Yes, what's the point if QUIC keys can be decrypted? – Frederick Warren Jan 16 '21 at 15:59