Google Chrome new ClientHelloSpec
gaukas opened this issue · comments
TLS Client
Google Chrome Version 115.0.5790.110 (Official Build) (64-bit)
Known Fingerprints
- N/ffa2ee96ff7b42d4 (no
pre_shared_key
) - N/6ff3881f1cbb1497 (
pre_shared_key
, nopadding
) - N/84cf5dd358538618 (
padding
thenpre_shared_key
) New
Notes
Tap data (according to https://tlsfingerprint.io) shows that the new fingerprint is still less popular (1.48% of the connection) comparing to the former ones (35.08% and 6.64% respectively) in the past week, which indicates that there could be some hidden criteria being met before the third fingerprint in the list is getting selected or maybe there could be an A/B test.
Advised Action
A parrot for the third fingerprint could be useful. A PR is welcomed, or utls team will consider including the parrot when this fingerprint becomes more popular.
Let's hold this one. Currently expecting Google Chrome to make major changes in the next version. Related to #221.
Post-Quantum ClientHelloSpec in Chrome 115 after setting chrome://flags/#enable-tls13-kyber
:
- N/8df981daa05723dc (no
pre_shared_key
†) - N/1f8c15afb9d38c74 (
pre_shared_key
)
† Does not come with a padding
extension, likely due to the enormous size of x25519kyber768's key share data.