The Ministry of Digital Development, Communications and Mass Media has submitted for public discussion draft amendments to Federal Law 149-FZ "On Information, Information Technology and Information Protection". According to the explanatory note, the document proposes to prohibit DoH (DNS over HTTPS), DoT (DNS over TLS) and ESNI, and even TLS 1.3.
"The bill establishes a ban on the use, on the territory of the Russian Federation, of encryption protocols that make it possible to hide the name (identifier) of an Internet page or site on the Internet, except for cases established by the legislation of the Russian Federation," the document says.
The proposed changes are as follows:
1) Clause 21 shall be added to Article 2 as follows:
"'An encryption protocol that allows you to hide the name (identifier) of a web page or site on the Internet' is an abstract or specific protocol that includes a set of rules governing the use of cryptographic transformations and algorithms in information processes.";
2) Clause 2 of Article 10 shall be supplemented with paragraphs as follows:
"It is prohibited to use on the territory of the Russian Federation encryption protocols that make it possible to hide the name (identifier) of an Internet page or site on the Internet, except for the cases established by the legislation of the Russian Federation.
Violation of the prohibition on the use in the Russian Federation of encryption protocols that allow hiding the name (identifier) of a web page or site on the Internet entails the suspension of the functioning of the Internet resource no later than 1 (one) business day from the day the violation was discovered by the authorized federal executive body."
In essence, the document says that mechanisms such as DoH, DoT, ESNI and TLS 1.3 could "reduce the effectiveness of existing filtering systems," that is, prevent authorities from identifying and blocking sites with prohibited information, as well as from monitoring which resources users visit.
As expected, the bill drew a strong reaction from the IT community, and journalists at Roskomsvoboda collected some interesting comments from specialists in their article. They note that such blocking could lead to massive problems with Amazon Web Services, Cloudflare, DigitalOcean, and so on, and that the result would be approximately the same as during the blocking of Telegram.
Public discussion of the bill will end on October 5, 2020.
It should be noted that this year, the Chinese authorities have already begun to block ESNI and TLS 1.3.