How Your HTTPS Connection Can Still Leak Site Visits and What Encrypted ClientHello Does

When a new employee was questioned for accessing HTTPS sites on a corporate computer, the confusion stemmed from the fact that HTTPS does not hide everything; many layers of network communication can still expose visited sites. DNS queries are sent in clear text, allowing observers such as ISPs to infer the target domain.

If a website has a unique IP address, simply seeing that address can reveal the site, though this fails for shared IPs behind CDNs.

Traffic analysis can match specific packet sizes and orders to particular pages, hinting at the visited site.

Browser cookies or localStorage entries for a domain prove prior visits.

The article then focuses on the HTTPS protocol itself, which combines HTTP (a clear‑text application layer) with TLS (a transport‑layer encryption protocol). While TLS encrypts the data payload, the handshake that establishes the TLS connection is not fully encrypted.

TLS Handshake Overview

During the first connection to an HTTPS site, the browser performs a TLS handshake:

The client sends a ClientHello containing supported TLS versions, cipher suites, a random client random value, and the SNI (Server Name Indication) which carries the domain name.

The server replies with a ServerHello , also including its own random data and the SNI it received.

The handshake serves three purposes: negotiating the TLS version and cipher suite, authenticating the server via its CA‑signed certificate, and generating a session key for encrypting subsequent traffic.

Because the SNI is transmitted in clear text, firewalls and other middleboxes can read the domain name during the handshake, compromising privacy even though the data payload is encrypted.

Firewalls may first inspect SNI and decide whether to perform deep packet inspection based on the domain.

Encrypted ClientHello (ECH)

ECH is a TLS 1.3 extension that encrypts the ClientHello, including the SNI, preventing observers from learning the target domain. To use ECH, both the server and the client must support the extension.

The server must implement TLS with the ECH extension enabled.

The client (e.g., a recent version of Chrome) must enable ECH, often via chrome://flags/#encrypted-client-hello.

Cloudflare provides an SNI test page that returns plaintext when ECH is not supported and encrypted when it is. Enabling ECH in Chrome and revisiting the test page shows the encrypted response, confirming support.

Conclusion

While HTTPS encrypts the data exchanged between client and server, the TLS handshake leaks the domain name via the clear‑text SNI. Encrypted ClientHello mitigates this risk by encrypting the handshake information, offering stronger privacy for users.

References

Encrypted ClientHello: https://blog.cloudflare.com/encrypted-client-hello/

Cloudflare SNI test page: https://crypto.cloudflare.com/cdn-cgi/trace

Chrome flag for ECH: chrome://flags/#encrypted-client-hello