ASecuritySite: When Bob Met Alice

This publication brings together interesting articles related to cyber security.


In Cybersecurity, What is GREASE?


I do a good deal of analysis of the TLS stack, as it is fundamental for the trust and security of virtually every connection that we make to the Web. It works by a client sending a list of crypto suites that it can support (a client HELLO), and the server replies with the one that it wants to use (the server HELLO). If we look at a TLS 1.3 session, we get this for a client HELLO:

One of the problems with TLS is that an organisation can set up a middlebox, which can enforce protocol standards on the connections. This can limit the migration to new TLS standards, such as from TLS 1.2 to TLS 1.3. To overcome this, we can use GREASE (Generate Random Extensions And Sustain Extensibility), as defined in "Applying Generate Random Extensions And Sustain Extensibility (GREASE) to TLS Extensibility".

This can be used by clients to tell these middleboxes that there are new features that could be added, such as new TLS versions, new TLS ciphers and new TLS extensions.
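As an added example (not code from the original article), the Python sketch below shows the 16 code points that RFC 8701 reserves for GREASE (0x0A0A, 0x1A1A, ... 0xFAFA) and how a tolerant peer and an intolerant peer react when a client mixes one into its cipher suite list. The function names and the sample offer are assumptions constructed for illustration.

```python
# Added example: GREASE code points (RFC 8701) and peer tolerance.
# The offer and the "known"/"supported" sets are constructed sample data.

# The 16 reserved values: both bytes equal, low nibble of each byte is 0xA.
GREASE_VALUES = frozenset(
    (n << 12) | 0x0A00 | (n << 4) | 0x0A for n in range(16)
)

def is_grease(value):
    """True if a 16-bit code point is one of the reserved GREASE values."""
    return value in GREASE_VALUES

def strip_grease(values):
    """Drop GREASE values, e.g. before comparing or fingerprinting offers."""
    return [v for v in values if not is_grease(v)]

class UnknownValue(Exception):
    """Raised by the intolerant peer when it sees an unrecognised value."""

def tolerant_select(offered, supported):
    """Correct behaviour: ignore unknown values, pick the first match."""
    return next((v for v in offered if v in supported), None)

def strict_select(offered, supported, known):
    """Intolerant behaviour: abort on any code point not in 'known'."""
    for v in offered:
        if v not in known:
            raise UnknownValue(hex(v))
    return tolerant_select(offered, supported)

def probe(select, *args):
    """Return the selected suite, or 'intolerant' if the peer aborts."""
    try:
        return select(*args)
    except UnknownValue:
        return "intolerant"

# Constructed client offer: one GREASE value plus the TLS 1.3 suites
# TLS_AES_128_GCM_SHA256 (0x1301), TLS_AES_256_GCM_SHA384 (0x1302),
# TLS_CHACHA20_POLY1305_SHA256 (0x1303).
OFFER = [0x3A3A, 0x1301, 0x1302, 0x1303]
KNOWN = {0x1301, 0x1302, 0x1303}      # what the strict peer recognises
SUPPORTED = {0x1301, 0x1302}          # what either peer will negotiate

if __name__ == "__main__":
    print("GREASE values:", [hex(v) for v in sorted(GREASE_VALUES)])
    print("tolerant peer:", probe(tolerant_select, OFFER, SUPPORTED))
    print("strict peer:  ", probe(strict_select, OFFER, SUPPORTED, KNOWN))
```

The strict peer fails as soon as it meets the unknown value, and GREASE brings that failure out now rather than when a real new cipher suite, extension or version is deployed.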

Written by Prof Bill Buchanan OBE FRSE
