Been hearing a lot about TLSv1.3 being slowly implemented in more ‘areas’ of the internet due to its more secured and faster handshakes. However, we’re may still be in the dark where one may use ESNI (for whether reason). Typically the default way is to use it without ESNI.
So my team is wondering if ExtraHop has the ability to identify TLSv1.3 that comes with ESNI.
Some very useful articles that i have used to assist me in my research and ‘digging’ - Reference