[Bro-Dev] Potential of including TLSv1.3 support in Bro 2.5

Johanna Amann johanna at icir.org
Thu Oct 13 14:52:21 PDT 2016

As a follow-up: since all responses were positives, I filed a
merge-request for this and it should (hopefully) make it into 2.5.

Merge-request for those who want to follow it:


On Fri, Oct 07, 2016 at 02:06:53PM -0700, Johanna Amann wrote:
> I just finished a branch that adds support for TLSv1.3 to Bro (branch
> topic/johanna/tls13, important commit:
> https://github.com/bro/bro/commit/fdef28ce7c3455d43267ab07dbb8ad96c9ea3890).
> What do people think of the idea of adding that patch to the upcoming Bro
> 2.5 release?
> I know that we are quite late in the current release process and that we
> should not really make any feature changes after releasing the beta.  It
> would, however, be neat to be able to support TLSv1.3 starting the moment
> that people actually start to use it; without that support, we will only
> have empty lines in ssl.log for these connections. Furthermore, the
> changes that are needed to support TLSv1.3 have nearly no interaction with
> the code that is used to parse earlier versions of TLS. Even if there are
> problems with the code (or if the on-the-wire format still changes), the
> only thing that should happen is that binpac throws errors. Which is
> exactly what already happens now when throwing TLSv1.3 sessions at the
> current master versions of Bro.
> Thanks,
>  Johanna
> _______________________________________________
> bro-dev mailing list
> bro-dev at bro.org
> http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev

More information about the bro-dev mailing list