Anayamba lamulo lokonzekera kusintha kwa Lamulo la Federal "Pa Information, Information Technologies ndi Information Protection", lopangidwa ndi Unduna wa Kupititsa patsogolo Pakompyuta, Kuyankhulana ndi Mass Communications. Lamuloli likufuna kukhazikitsa chiletso choletsa kugwiritsa ntchito gawo la Russian Federation ya "ma encryption protocol omwe amapangitsa kubisala dzina (chizindikiritso) cha tsamba la intaneti kapena tsamba pa intaneti, kupatula milandu yokhazikitsidwa ndi malamulo a Russian Federation. "
Chifukwa chophwanya lamulo loletsa kugwiritsa ntchito ma encryption protocols omwe amapangitsa kubisala dzina la tsambalo, akufunsidwa kuyimitsa kugwiritsa ntchito intaneti pasanathe 1 (limodzi) tsiku la bizinesi kuyambira tsiku lomwe kuphwanya uku kunachitika. bungwe lovomerezeka la federal. Cholinga chachikulu chotsekereza ndikuwonjezera kwa TLS (omwe kale ankadziwika kuti ESNI), omwe angagwiritsidwe ntchito limodzi ndi TLS 1.3 ndipo kale ku China. Popeza mawu mubiluyo ndi osadziwika bwino ndipo palibe zenizeni, kupatula ECH/ESNI, mwamwambo, pafupifupi ma protocol aliwonse omwe amapereka kubisa kwathunthu kwa njira yolumikizirana, komanso ma protocol. (DoH) ndi (DoT).
Tikumbukenso kuti pofuna kukonza ntchito za masamba angapo a HTTPS pa adilesi imodzi ya IP, kukulitsa kwa SNI kudapangidwa nthawi imodzi, komwe kumatumiza dzina la wolandilayo m'mawu omveka bwino muuthenga wa ClientHello womwe umaperekedwa musanayike njira yolumikizirana. Izi zimapangitsa kuti pagulu la omwe amapereka pa intaneti azitha kusefa mayendedwe a HTTPS ndikuwunika malo omwe wogwiritsa ntchito amatsegula, zomwe sizimalola kukwaniritsa chinsinsi chonse mukamagwiritsa ntchito HTTPS.
ECH/ESNI imathetsa kwathunthu kutayikira kwa chidziwitso cha tsamba lomwe mwafunsidwa posanthula kulumikizana kwa HTTPS. Kuphatikizana ndi mwayi kudzera pa intaneti yobweretsera zinthu, kugwiritsa ntchito ECH / ESNI kumapangitsanso kubisala adilesi ya IP yazomwe zafunsidwa kuchokera kwa wothandizira - machitidwe oyendera magalimoto amangowona zopempha ku CDN ndipo sangathe kugwiritsa ntchito kutsekereza popanda kuwononga TLS. gawo, momwemo msakatuli wa wogwiritsa ntchito chidziwitso chofananira chokhudza kusintha kwa satifiketi chidzawonetsedwa. Ngati chiletso cha ECH / ESNI chikuyambitsidwa, njira yokhayo yothanirana ndi izi ndikuletsa kwathunthu mwayi wopezeka ku Content Delivery Networks (CDNs) zomwe zimathandizira ECH / ESNI, apo ayi kuletsa kudzakhala kosagwira ntchito ndipo kumatha kuzunguliridwa mosavuta ndi ma CDN.
Mukamagwiritsa ntchito ECH / ESNI, dzina la wolandirayo, monga SNI, limatumizidwa mu uthenga wa ClientHello, koma zomwe zili mu uthengawu zimasungidwa. Kubisa kumagwiritsa ntchito chinsinsi chowerengedwa kuchokera pa seva ndi makiyi a kasitomala. Kuti mutsitse mtengo womwe walandidwa kapena wolandilidwa wa ECH/ESNI, muyenera kudziwa makiyi achinsinsi a kasitomala kapena seva (kuphatikiza makiyi apagulu a seva kapena kasitomala). Zambiri za makiyi apagulu zimatumizidwa pa kiyi ya seva mu DNS, komanso pa kiyi ya kasitomala mu uthenga wa ClientHello. Decryption imathanso kugwiritsa ntchito chinsinsi chogawana chomwe mwagwirizana pakukhazikitsa TLS, chomwe chimadziwika ndi kasitomala ndi seva.
Source: opennet.ru