[Bro-Dev] Potential of including TLSv1.3 support in Bro 2.5

Johanna Amann johanna at icir.org
Mon Oct 10 20:26:34 PDT 2016

On 8 Oct 2016, at 17:38, Vlad Grigorescu wrote:

> Well, I should point out that Cloudflare enabled it a couple of weeks 
> ago:
> https://blog.cloudflare.com/introducing-tls-1-3/

You actually got that to run? I did not manage to get any client to 
successfully negotiate TLS 1.3 with them and set up my own server in the 
end. But perhaps they updated in the last few days...

> I was able to connect with my usual browser and grab a PCAP (after 
> setting
> the option in about:config). It seems to run just fine against the 
> branch
> (attached, in case it's of any use).
> Is there any way to detect TLS 1.3 with git master? I wouldn't expect 
> to
> see any, but I've been surprised once or twice before. I ran the PCAP
> against master, and while I did get an ssl.log, I didn't see anything 
> in
> there that would indicate it's TLS1.3.

Well, it will show up as a binpac error while parsing a specific TLS 
message. Not the best way to do it ;)


More information about the bro-dev mailing list