A national censor that wants to block an app has a few levers. It can block the app's IP addresses, block its domain names through DNS tampering, or inspect the metadata of encrypted connections and drop the ones headed somewhere forbidden. The last of these leans on a quirk of how HTTPS connections start: even though the content is encrypted, the name of the site you are connecting to has historically been sent in the clear.
The Clue a Censor Reads: SNI
When your browser opens a TLS connection, it sends a field called Server Name Indication, or SNI, in the very first message, the ClientHello. SNI tells the server which site you want, so that a single IP address hosting many sites knows which certificate to present. The catch is that the ClientHello happens before encryption is established, so SNI is visible to anyone watching the wire.
For a censor, SNI is the gift that keeps giving. It does not need to break any encryption. It just watches for ClientHello messages whose SNI names a banned domain and kills those connections. This is one of the most common censorship techniques in deployment, precisely because it is cheap and surgical.
An HTTPS request actually names its destination twice: in the SNI field, sent in plaintext during the handshake, and in the HTTP Host header, sent inside the encrypted channel after the handshake. Normally the two match. Domain fronting made them deliberately disagree.
The Trick: Two Different Destinations
Domain fronting worked on large cloud platforms and content delivery networks that host thousands of sites behind a shared front end. Here is the move:
- The SNI, the part the censor can see, names an innocuous, allowed domain hosted on the same CDN, say a popular service the censor would never dare block.
- The Host header, hidden inside the encrypted connection, names the actual blocked destination, also hosted on that CDN.
From the outside, the connection looks like ordinary traffic to the allowed service. The censor sees a ClientHello for a domain it permits and lets it through. But once the encrypted channel is up, the CDN's front end reads the inner Host header and routes the request to the blocked service. The censor permitted a connection it believed was going somewhere safe, and the CDN quietly delivered it somewhere else.
The reason this was so powerful is the collateral-freedom property. Because the visible destination was a major shared platform, blocking it meant blocking every site on that platform. A censor that wanted to stop the fronted traffic would have to take down a huge swath of the legitimate internet along with it. For a while, apps like Signal and the Tor network's meek transport used domain fronting to stay reachable in places that tried to block them.
Why It Died
The technique depended entirely on the cloud providers tolerating a mismatch between SNI and Host header. In April 2018, within days of each other, both Google and Amazon changed their infrastructure to reject it. Google's change came as it reworked how its front end mapped domains; Amazon's CloudFront added enforcement that the SNI and Host header had to refer to the same distribution. The providers framed it partly as a configuration and security matter, and the practical effect was the same: the mismatch that made fronting possible no longer routed.
There were real reasons beyond censorship for the providers to dislike it. Domain fronting let any customer impersonate the apparent destination of another customer's traffic, which is a problem for abuse and for the providers' own relationships with governments. Once the two largest platforms closed the door, the technique lost most of its reach, because its whole value came from hiding behind infrastructure too big to block.
| Layer | Visible to the censor? | Value under domain fronting |
|---|---|---|
| Destination IP | Yes, a big CDN's address | The CDN's address, shared by thousands of sites |
| SNI (plaintext) | Yes, the named domain | An allowed front domain |
| Host header (encrypted) | No | The real, blocked domain |
What Replaced It
The censorship-resistance community did not give up; it moved up the stack. Two directions matter.
Encrypting the name itself
If the problem is that SNI leaks the destination, the fix is to stop sending it in the clear. Encrypted Client Hello, ECH, encrypts the entire ClientHello, including the server name, so a network observer can no longer read which site you want. ECH is the direct structural answer to SNI-based censorship, and its rollout has been gradual because it depends on both browsers and large hosting providers supporting it. Where it is deployed, the censor's favorite clue disappears.
Domain hiding and refraction
A successor technique sometimes called domain hiding revived the spirit of fronting using newer TLS features, again making the visible and real destinations differ. Separately, a research line called refraction networking, or decoy routing, places the circumvention logic inside the network itself: a participating router along the path recognizes a special signal in otherwise normal-looking traffic and redirects it to the censored destination. Both share fronting's core idea, that the safest place to hide forbidden traffic is inside traffic the censor cannot afford to block.
Domain fronting was never a property of the censored app. It was borrowed from infrastructure the app did not control, and it vanished the moment that infrastructure changed its mind. Circumvention built on someone else's tolerance is circumvention on loan.
What This Means for Reachability
The arc of domain fronting is a reminder that censorship resistance and content security are different problems with different owners. Encryption protects what you say. Reachability, whether you can connect at all, is a separate fight, often decided by infrastructure choices far above any single application. An app can have flawless end-to-end encryption and still be trivially blockable at the network edge if its connections are easy to identify.
That distinction shapes how we think about Haven. Strong cryptography is the floor, not the ceiling. Keeping a tool reachable for people in adversarial network conditions, the journalists and activists who need it most, means paying attention to the metadata its connections expose and to standards like ECH that shrink the censor's signal. We would rather be honest that reachability is an ongoing problem than pretend encryption alone solves it. If you want the neighboring pieces, our explainers on Encrypted Client Hello and Tor bridges and pluggable transports go deeper on the modern toolkit.