Roskomnadzor has blocked access to sites that use the Encrypted Client Hello (ECH) encryption system from Cloudflare. The problem is that the number of such sites is in the hundreds of thousands. The blocking took effect on the night of November 6. Here's what happened.
Encrypted Client Hello is an extension that allows you to hide metadata (such as the site name) from third-party observers when establishing a TLS connection. Cloudflare launched support for this permission on its servers in October of this year.
Without using this ECH, Roskomnadzor can track which domain names a user connected to sites via HTTPS visits. If the ECH extension is enabled, then domain names are not visible.
Presumably, the use of ECH allowed users to bypass the blocking of prohibited sites, which is why Roskomnadzor blocked access to sites via ECH. The irony of the situation is that absolutely legal resources, such as forums or news sites, were also banned.
Note that sites with ECH open via mobile internet. How long this will last is unknown.
Read more on the topic:
No grounds found in Russia to unblock Discord
Roskomnadzor Denies Blocking Steam Access in Russia
Accelerating YouTube is prohibited: RKN warned telecom operators with letters
