The Radar post-quantum TLS support checker now also reports TLS bugs detected during the handshake test. When a scanned host exhibits compatibility issues, the results include details on the specific bugs detected, along with guidance on how to investigate and remediate each issue. The bugs section only appears for hosts where issues are found.
The following TLS bugs are detected:
- Split ClientHello — The connection fails with a fragmented post-quantum
ClientHellobut succeeds with classical handshakes. Typically caused by middleboxes or firewalls that cannot reassemble split TLS messages. - HRR Failure — The server sends a
HelloRetryRequestbut fails to complete the handshake afterward. - Unknown Keyshare — The server cannot handle unknown key exchange algorithms and fails instead of responding with a
HelloRetryRequestas required by the TLS 1.3 specification.
Bug detection data is available through the existing /post_quantum/tls/support endpoint.
Visit the Post-Quantum Encryption page to test a host.
Source: Cloudflare
Latest Posts
- Amazon MSK Express brokers now support Intelligent Rebalancing on existing clusters
- Announcing the general availability of a new AWS Local Zone in Hanoi, Vietnam
- AWS Compute Optimizer enhances EBS volume recommendations with additional performance metrics
- (Updated) Use sensitivity labels to block all connected experiences that analyze content in Word, Excel, and PowerPoint [MC1297982]
