As a follow-up: since all responses were positives, I filed a merge-request for this and it should (hopefully) make it into 2.5.
Merge-request for those who want to follow it: https://bro-tracker.atlassian.net/browse/BIT-1727 Johanna On Fri, Oct 07, 2016 at 02:06:53PM -0700, Johanna Amann wrote: > I just finished a branch that adds support for TLSv1.3 to Bro (branch > topic/johanna/tls13, important commit: > https://github.com/bro/bro/commit/fdef28ce7c3455d43267ab07dbb8ad96c9ea3890). > > What do people think of the idea of adding that patch to the upcoming Bro > 2.5 release? > > I know that we are quite late in the current release process and that we > should not really make any feature changes after releasing the beta. It > would, however, be neat to be able to support TLSv1.3 starting the moment > that people actually start to use it; without that support, we will only > have empty lines in ssl.log for these connections. Furthermore, the > changes that are needed to support TLSv1.3 have nearly no interaction with > the code that is used to parse earlier versions of TLS. Even if there are > problems with the code (or if the on-the-wire format still changes), the > only thing that should happen is that binpac throws errors. Which is > exactly what already happens now when throwing TLSv1.3 sessions at the > current master versions of Bro. > > Thanks, > Johanna > _______________________________________________ > bro-dev mailing list > bro-dev@bro.org > http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev > _______________________________________________ bro-dev mailing list bro-dev@bro.org http://mailman.icsi.berkeley.edu/mailman/listinfo/bro-dev