China Is Now Blocking All Encrypted HTTPS Traffic That Uses TLS 1.3 and ESNI

An anonymous reader writes: The Chinese government is currently using the Great Firewall censorship tool to block certain types of encrypted HTTPS connections. The block has been in place for more than a week, according to a joint report authored by three organizations tracking Chinese censorship — iYouPort, the University of Maryland, and the Great Firewall Report. ZDNet also confirmed the report's findings with two additional sources — namely members of a US telecommunications provider and an internet exchange point (IXP) — using instructions provided in a mailing list.

Per the report, China's Great Firewall (GFW) is now blocking HTTPS connections set up via the new TLS 1.3 encryption protocol and which use ESNI (Encrypted Server Name Indication). The reason for the ban is because the combination of HTTPS+TLS1.3+ESNI blocks networks observers from inferring the destination of the HTTPS connection, blinding Chinese censors to local internet traffic.