DisableEncryptedClientHello
Disable the TLS Feature for Encrypted Client Hello. Note that TLS Client Hellos will still contain an ECH extension, but this extension will not be used by Firefox during the TLS handshake.
Compatibility: Firefox 127, Firefox ESR 128
CCK2 Equivalent: N/A
Preferences Affected: network.dns.echconfig.enabled, network.dns.http3_echconfig.enabled
Windows (GPO)
Section titled “Windows (GPO)”Software\Policies\Mozilla\Firefox\DisableEncryptedClientHello = 0x1 | 0x0Windows (Intune)
Section titled “Windows (Intune)”OMA-URI:
./Device/Vendor/MSFT/Policy/Config/Firefox~Policy~firefox/DisableEncryptedClientHelloValue (string):
<enabled/> or <disabled/><dict> <key>DisableEncryptedClientHello</key> <true/> | <false/></dict>policies.json
Section titled “policies.json”{ "policies": { "DisableEncryptedClientHello": true | false }}