Högskolan i Skövde

With the addition of Transport Layer Security (TLS) 1.3 extension Encrypted Client Hello (ECH), new challenges are present for network- and system administrators in relation to web content moderation. Notable concerns have been issued for ECH circumventing content filtering efforts as ECH introduces new functionality to cover up previous metadata leaks. Core Information Technology (IT) security implementations used these metadata leaks to perform necessary evaluations of client network traffic. Encryption of metadata such as Server Name Indication (SNI), Application-Layer Protocol Negotiation (ALPN) and more, requires a new outlook for how to safely adapt to current day privacy improvements. Authors present current day issues observed with ECH, a general outlook on protocol improvement areas and how to adapt to new challenges ahead in organisational environments. IT-security solutions are presented for their intended ability of securing IT-infrastructure and evaluated if they can continue operational functionality in relation to ECH. Authors present a simple and open source solution for content filtering, and examining the solution in various environments. The solution is deemed to be primarily applicable for organisations as supporting implementations are required for the solution to be deemed as effective. The report addresses concerns issued by researchers on how to safely incorporate DNS over HTTPS (DoH) and ECH-enabled websites to foster the adoption process.