UA claims current Chrome but the TLS handshake offers no post-quantum key share

net.tls_pq_keyshare_vs_ua  ·  convicts

network, browserlayer
coherencecategory
4evaders caught

What it catches

Chrome 131+ sends X25519MLKEM768 (124-130 the Kyber768 draft) in supported_groups by default; a TLS template pinned to a pre-2025 Chrome profile (older curl-impersonate/utls/BoringSSL, Go <=1.23) lags it. Catches template lag only — modern OpenSSL 3.5+/Go 1.24+ also ship the group (validated live), so it is silent on a current generic stack. Experimental: a corporate TLS-inspection proxy or PostQuantumKeyAgreementEnabled=false also strips it.

Signals it reads

network.tls_no_pq_keyshare

How it fires

present

Evaders it caught 4

Bypassed by 10

Frontier evaders that reach the detector uncaught (scored only suspicious, defeating every convicting tell) — this check is not one that stops them. The red-team frontier this detection still has to convict.

← all detections