Ashu_2116
Mar 06, 2018Nimbostratus
LTM TLS 1.3
Does LTM version 13.X support TLS1.3 if yes how to check that and apply to VS client ssl profiles ?
@Saravanan
How does F5 BigIP handle Perfect Forward Secrecy in the client and server side profiles? TLS 1.3 support ephemeral keys and the keys can be changed midway during the SSL session. How would F5 BigIP be able to gain access to the ephemeral keys to decrypt the sessions? Any idea when we can get more details?
laksh, you seem to be implying passive decryption, which isn't possible anyway. BIG-IP handles PFS as a function of the proxy architecture, terminating the TLS session on the client side, and initiating a separate TLS session on the server side.