The Windows Club

TheWindowsClub covers authentic Windows 11, Windows 10 tips, tutorials, how-to's, features, freeware. Created by Anand Khanse, MVP.

Enable Encrypted Client Hello in Microsoft Edge to improve privacy

Download Windows Speedup Tool to fix errors and make PC run faster

Microsoft is always looking for new ways to improve Edge browser, and the latest is all about adding support for Encrypted Client Hello or ECH. For those who are not fully aware, Encrypted Client Hello is a mechanism found in Transport Layer Security protocol, or TLS, that improves privacy by encrypting every privacy-sensitive factor of the TLS connection.

Now, for those who are wondering what TLS is, well it is a cryptographic protocol that is used by clients and servers to exchange vital encryption keys. Now, the problem with the current implementation of TLS is that it is not as secure as some would want it to be. For example, Server Name Indication can show what server communicates with a client that bypasses encryption. In a situation like this, Microsoft hopes to solve the problem with the Encrypted Client Hello extension for Edge. When it is activated, it will provide full handshake encryption along with protection from eavesdropping over a network.

How to enable Encrypted Client Hello in Microsoft Edge

How to enable Encrypted Client Hello in Microsoft Edge

The feature is currently not available to Edge Stable version but will be rolled out soon. So you will first need to download the Beta, Dev, or Canary version of Microsoft Edge.

Download Microsoft Edge version 105 or later

Download Edge Dev Channel version

To begin, we must download the latest version of Microsoft Edge from the Beta, Dev, and Canary channels. Let us look at how to get this done.

  • OK, so open the regular version of Edge.
  • Visit the Microsoft Edge Insider page.
  • Next, download the version that best suits your needs.
  • If you’re not sure, we suggest downloading the Beta.

Finally, install it on your computer in order to move forward.

Navigate to Edge Properties

Microsoft Edge Beta Properties

The next step to take here is to fire up the Properties window for Microsoft Edge, and that is easy to get done.

  • Right-click on the browser icon located on your desktop.
  • Select the Properties option via the context menu.

Edit the Target box from within Edge Properties

We now want to make a few changes to the contents of the Target box. Nothing will be deleted, just added.

  • From the Properties window, please select the Shortcut tab.
  • Click within the Target box.
  • Do not delete the contents within the box.
  • Go to the end of the content, then press the Space key once.
  • After that, please type: –enable-features=EncryptedClientHello
  • Hit the OK button right away.

Enable Encrypted Client Hello on Edge

The final thing we want to get done here is to enable Encrypted Client Hello on your Insider version of Microsoft Edge.

  • Open Microsoft Edge Insider.
  • Next, you must navigate to edge://flags/#dns-https-svcb.
  • Look for Support for HTTPS records in DNS and enable it.
  • Also, search for Use DNS https alpn and enable it as well.

Edge Flags Client Hello

  • Restart Microsoft Edge.
  • The next thing to do is to navigate to the Settings area.
  • Select Privacy, search, and services.
  • Click on Security.
  • Ensure that Use Secure DNS is turned on.
  • Click on Choose a service provider.
  • From the list, please select Cloudflare.

Choose a Service Provider Edge

  • Again, Restart Microsoft Edge Insider

Finally, visit this page after restarting the web browser. If there is a green tick next to SSL_ECH_STATUS, then everything went according to plan.

Extra privacy is now a thing for your version of Microsoft Edge, so pat yourself on the back.

ReadHow to create a Bookmark to restart Chrome, Edge, or Opera

What is Encrypted Client Hello

Encrypted Client Hello, or ECH for short, is an IETF draft at the moment. The client hello options are wrapped up in an unencrypted Client Hello Outer that is primarily used as a vessel to carry the encrypted blob from one location to the next. This blob will look like other clients’ hello options to all servers not yet supporting ECH.

What is Microsoft Edge?

Microsoft Edge is to be the default web browser for all Windows 11/10 computers. But not only that, it ensures Microsoft can still dictate the development of the modern web. Furthermore, since Internet Explorer is no more, Microsoft needed a web browser for those few enterprise websites that still supports ActiveX.

What is the difference between Microsoft Edge and Internet Explorer and Chrome?

Microsoft Edge is faster and more secure than Internet Explorer. Not only that but Edge was designed for the modern web, which means web pages will render adequately, something one cannot expect where Internet Explorer is concerned.

Also, while Chrome and Edge are based on Chromium (they use the same render engine), Microsoft has done much work to differentiate Edge from Chromium in both features and design. At the time of writing, Edge is faster at loading web pages than Chrome and better for streaming videos and playing video games.

VamienMcKalin@TWC

Vamien has studied Computer Information Services and Web Design. He has over 10 years of experience in building desktop computers, fixing problems relating to Windows, and Python coding.

Reader Interactions

Leave a Reply

Your email address will not be published. Required fields are marked *