Thanks for the info, Michel! There are a couple of interesting TLS features like hybrid key exchange and emerging standards like compact TLS (cTLS) and Encrypted Client Hello (ECH) that would benefit from knowing how “deployable” they are in practice. If probes could be upgraded and then controlled to enable these types of features, it could help the standardization process. Is there any way these types of probes could be supported? I certainly don’t know the update cadence for probes, though given that they’re currently capped at TLS 1.2 I suspect it’s something like “not often.” Best, Chris
On May 13, 2022, at 3:52 AM, Michel Stam <mstam@ripe.net> wrote:
Hello Christopher,
The probes use OpenSSL for the TLS stack, the exact features compiled in depend a little on the probe used, but right now the software will support up to TLS v1.2.
Is there any feature in particular you’re looking for?
Regards,
Michel
On 12 May 2022, at 11:50, Christopher Wood <caw@heapingbits.net> wrote:
Hi folks,
Apologies in advance if the answer to this question is available online somewhere, but I’m wondering if anyone knows what TLS stack is used in Atlas probes, and in particular, what sort of TLS features are configurable by such probes.
Best, Chris -- ripe-atlas mailing list ripe-atlas@ripe.net https://lists.ripe.net/mailman/listinfo/ripe-atlas