ECH stands for Encrypted Client Hello. It is a protocol extension in the context of Transport Layer Security (TLS). ECH encrypts part of the handshake and masks the Server Name Indication (SNI) that is used to negotiate a TLS session. This means that whenever a user visits a website on Cloudflare that has ECH enabled, intermediaries will be able to see that you are visiting a website on Cloudflare, but they will not be able to determine which one.| Cloudflare Docs
Why bother with DNS-over-https? I have run a DNS-over-https proxy for a while now, to experiment with it.| neilzone.co.uk
Creating a DNS sinkhole with Perl and unbound(8)| www.anthes.is
DNS over HTTPS (DoH) is a feature that everyone should use to enhance privacy but in a few circumstances, it can be undesirable. Learn more.| support.mozilla.org
Two years ago, interest in DNS Encryption was lukewarm… In May of 2018, ISC did a survey asking our users about their interest in deploying various DNS privacy measures, including both QNAME minimization and encryption (DNS over HTTP or DoH and DNS over TLS or DoT).| www.isc.org
October 10th, 2019| www.netmeister.org