CloudFlare has implemented support for Encrypted SNI
On September 2? CloudFlare announced the support of the TLS 1.3 Encrypted SNI extension
blog developers of Chrome this transition is already on the mountains.
ESNI should be supported by browsers. So far with support is not very much.
What do we get from this?
Censorship on the Internet is much more complicated. Now most of the locks are done by DNS names. All these locks will stop working. Only DNS queries or IP addresses will remain blocked.
DNS query blocking will stop working after the default DNS over HTTPS is turned on in standard browsers. And there will be only one possibility to block by IP addresses. You can block either DNS servers or unwanted sites.
Blocking by IP addresses is for very brave people. One lock can hook on a lot of uncomplicated domains and there is no adequate way to check in advance who exactly will hook. A blocked service can be in a couple of clicks, and in general automatically, change the address to not blocked. Its users will not even notice anything.
Life will be a little bit better. But not now. Before the full support of ESNI, it is still necessary to take several steps.
Check your browser for support for TLS 1.? ESNI and DNS encryption can be here: www.cloudflare.com/ssl/encrypted-sni
It may be interesting