Internet Society Statement: Blocking TLS 1.3 in China Makes the Internet Less Secure
This statement was first published on 14 August 2020 on the ISOC website
We are concerned about recent media reports that the government of China is blocking certain kinds of encrypted web connections. China appears to now block all web connections (HTTPS) that use a new open standard developed to make the Internet more secure. Technically speaking, this block affects HTTPS connections using Transport Layer Security (TLS) version 1.3 that are also using a setting called encrypted server name indication (ESNI).
Businesses are increasingly adopting TLS 1.3 because it improves the security, privacy, and performance of websites and TLS 1.3 is available in all major browsers and web server products. Blocking the use of TLS 1.3 will make the Internet less secure in China by forcing users to send data with lower levels of security or no security at all. It puts companies doing business in China at risk by making their Internet connections less secure, it dissuades foreign investment, and makes Chinese citizens more vulnerable to security and privacy threats by actors outside the country.
With more people than ever relying on the Internet to work and study from home, it is critical to make sure the Internet is as secure and reliable as possible and that businesses, their customers, and trading partners can conduct e-commerce safely. Forcing business to be less secure online is dangerous and counter-productive. It not only threatens the country’s economic development, but further fragments the Internet where parts of the world will have a “more secure” Internet and others will have a “less secure” Internet.
Read more about ISOC’s work in 2020 on:
- expanding the use of encryption to make the Internet more secure
- accelerating the deployment of open standards such as TLS 1.3
- helping people understand that the Internet way of networking is why we have this critical lifeline we rely on today