Mozilla サポートの検索

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

詳しく学ぶ

このスレッドはアーカイブに保管されました。 必要であれば新たに質問してください。

esni (encrypted sni) does not work anymore

  • 3 件の返信
  • 1 人がこの問題に困っています
  • 1 回表示
  • 最後の返信者: cor-el

more options

In the past I used to be able to turn encrypted sni on I did a firefox reset yesterday then I reinstalled my add ons

and I re-enabled encrypted sni by setting: about:config network.security.esni.enabled = true

but when I test it on https://www.cloudflare.com/ssl/encrypted-sni/ the test takes a lot longer and also everything is green except esni: "Your browser did not encrypt the SNI when visiting this page."

So something is clearly wrong, but I don't know what it is.

how do I fix this?

In the past I used to be able to turn encrypted sni on I did a firefox reset yesterday then I reinstalled my add ons and I re-enabled encrypted sni by setting: about:config network.security.esni.enabled = true but when I test it on https://www.cloudflare.com/ssl/encrypted-sni/ the test takes a lot longer and also everything is green except esni: "Your browser did not encrypt the SNI when visiting this page." So something is clearly wrong, but I don't know what it is. how do I fix this?
添付されたスクリーンショット

すべての返信 (3)

more options

Hi, the plan is to switch from ESNI to ECH (Encrypted Client Hello).

  • Bug 1667801 - Cloudflare reports ESNI is no longer working (ECH)

(please do not comment in bug reports
https://bugzilla.mozilla.org/page.cgi?id=etiquette.html
)


Comment 14:

I'd like to update our current plan about esni and echConfig. That is we will only support echConfig in the future. esni is supported now, but will be replaced by echConfig when bug 1654332 is done.

この投稿は cor-el により に変更されました

more options

Thanks for your answer, but things remain unclear for me.

"

cor-el said

the plan is to switch from ESNI to ECH (Encrypted Client Hello).

First question: this answer implies that encrypted sni should still be working, is the bug only causing problems for me or does everybody with firefox 84.0.2 have the same issue? and why is it still configurable in about:config if esni support is gone?

Second question: Should I switch to ECH (Encrypted Client Hello)? Is it the same as encrypted sni?

Should I turn network.dns.echconfig.enabled = true? (It's still false in my default config)

sorry for many the questions, thank you in advance.

more options

この投稿は cor-el により に変更されました