Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

JA3 fingerprints and random order of TLS extensions #1898

Closed
IvanNardi opened this issue Mar 4, 2023 · 1 comment
Closed

JA3 fingerprints and random order of TLS extensions #1898

IvanNardi opened this issue Mar 4, 2023 · 1 comment
Labels
question

Comments

@IvanNardi
Copy link
Collaborator

Google Chrome started to randomize the order of TLS extensions in ClientHello packet, to reduce ossification.
This update has been already deployed.
https://www.fastly.com/blog/a-first-look-at-chromes-tls-clienthello-permutation-in-the-wild
A similar patch has been already merged in Firefox.

Has this change any impacts on JA3 fingerprints calculated by nDPI?
@IvanNardi
Copy link
Collaborator Author

Has this change any impacts on JA3 fingerprints calculated by nDPI?

Yes, it has :) See #2551 (comment)
Let's keep track of the effort to remove JA3C there...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@IvanNardi