New Firefox 64.0 update with ESNI support

For those waiting for stable builds before testing ESNI, Firefox 64.0 now removes the need for Nightly Builds. :smiley:

.

Yay! Goodbye, Nightly. Until we meet again.

1 Like

On my Windows machine this worked straight away but on my Mac I had to visit about:config and set network.security.esni.enabled to true.

It’s great that this now works without using Nightly.

1 Like

It doesn’t work here, Firefox 64.0 (64-bit). network.security.esni.enabled;true didn’t help either.

Have you set trr mode and URL to the following?
network.trr.mode 2
network.trr.uri https://1.1.1.1/dns-query

No, I don’t leak my DNS queries to a third party.

It won’t work with mode 0 or 5 and in your case, you’ll need to setup your own DoH server.

I’m not seeing anything in draft-ietf-tls-esni-02 that suggests any
dependency on DoH. In my case my DNS requests go over a VPN to a trusted
DNS server, so they’re already safe from ISP snooping, but I don’t route
all HTTP/HTTPS traffic over the VPN.

Is this just a poor/early implementation in Firefox, or did I miss
something in the esni specification?

The chrome feature request - https://crbug.com/908132 I recommend logging in and starring the issue to act as your vote to see it implemented.