undefined | Better HN

0 pointsnicce1y ago0 comments

It is about moving the trust.

> This means that whenever a user visits a website on Cloudflare that has ECH enabled, no one except for the user, Cloudflare, and the website owner will be able to determine which website was visited.

So you must use entity which controls the DNS and this entity makes the request further for actual website. Feels like just worse VPN.

0 comments

winkelmann1y ago

> It is about moving the trust.

Trust isn't being moved, though. Cloudflare could, by design, always see what website you were accessing. The difference is with ECH, there is one less party (someone listening in on your internet traffic) that can see which hostname you're accessing.

nicceOP1y ago

I was more like comparing to VPN. My argument was poor. But on high level many do not use VPNs and they have very negative impact for service UX anyway these days, so not a big point.

j / k navigate · click thread line to collapse