{"id":520,"date":"2026-05-29T00:00:00","date_gmt":"2026-05-29T00:00:00","guid":{"rendered":"https:\/\/wordpress.securinsight.ca\/index.php\/2026\/05\/29\/radar-tls-bug-detection-in-the-cloudflare-radar-post-quantum-checker-3\/"},"modified":"2026-05-29T00:00:00","modified_gmt":"2026-05-29T00:00:00","slug":"radar-tls-bug-detection-in-the-cloudflare-radar-post-quantum-checker-3","status":"publish","type":"post","link":"https:\/\/wordpress.securinsight.ca\/index.php\/2026\/05\/29\/radar-tls-bug-detection-in-the-cloudflare-radar-post-quantum-checker-3\/","title":{"rendered":"Radar &#8211; TLS bug detection in the Cloudflare Radar post-quantum checker"},"content":{"rendered":"<p>The <a href=\"https:\/\/developers.cloudflare.com\/radar\/\"><strong>Radar<\/strong><\/a> <a href=\"https:\/\/radar.cloudflare.com\/post-quantum#website-support\" target=\"_blank\">post-quantum TLS support checker<\/a> now also reports TLS bugs detected during the handshake test. When a scanned host exhibits compatibility issues, the results include details on the specific bugs detected, along with guidance on how to investigate and remediate each issue. The bugs section only appears for hosts where issues are found.<\/p>\n<p>The following TLS bugs are detected:<\/p>\n<ul>\n<li><strong>Split ClientHello<\/strong> \u2014 The connection fails with a fragmented post-quantum <code>ClientHello<\/code> but succeeds with classical handshakes. Typically caused by middleboxes or firewalls that cannot reassemble split TLS messages.<\/li>\n<li><strong>HRR Failure<\/strong> \u2014 The server sends a <code>HelloRetryRequest<\/code> but fails to complete the handshake afterward.<\/li>\n<li><strong>Unknown Keyshare<\/strong> \u2014 The server cannot handle unknown key exchange algorithms and fails instead of responding with a <code>HelloRetryRequest<\/code> as required by the TLS 1.3 specification.<\/li>\n<\/ul>\n<p><img decoding=\"async\" src=\"https:\/\/developers.cloudflare.com\/_astro\/pq-tls-bug-detection.BrmsVMno_ZIsLXh.webp\" alt=\"TLS bug detection results in the Radar post-quantum checker\" \/><\/p>\n<p>Bug detection data is available through the existing <a href=\"https:\/\/developers.cloudflare.com\/api\/resources\/radar\/subresources\/post_quantum\/subresources\/tls\/methods\/support\/\"><code>\/post_quantum\/tls\/support<\/code><\/a> endpoint.<\/p>\n<p>Visit the <a href=\"https:\/\/radar.cloudflare.com\/post-quantum#website-support\" target=\"_blank\">Post-Quantum Encryption<\/a> page to test a host.<\/p>","protected":false},"excerpt":{"rendered":"<p>The Radar post-quantum TLS support checker now also reports TLS bugs detected during the handshake test. When a scanned host exhibits compatibility issues, the results include details on the specific bugs detected, along with guidance on how to investigate and remediate each issue. The bugs section only appears for hosts where issues are found. The [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-520","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/wordpress.securinsight.ca\/index.php\/wp-json\/wp\/v2\/posts\/520","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/wordpress.securinsight.ca\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/wordpress.securinsight.ca\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/wordpress.securinsight.ca\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/wordpress.securinsight.ca\/index.php\/wp-json\/wp\/v2\/comments?post=520"}],"version-history":[{"count":0,"href":"https:\/\/wordpress.securinsight.ca\/index.php\/wp-json\/wp\/v2\/posts\/520\/revisions"}],"wp:attachment":[{"href":"https:\/\/wordpress.securinsight.ca\/index.php\/wp-json\/wp\/v2\/media?parent=520"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/wordpress.securinsight.ca\/index.php\/wp-json\/wp\/v2\/categories?post=520"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/wordpress.securinsight.ca\/index.php\/wp-json\/wp\/v2\/tags?post=520"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}