Hi,
I am using following K6 Build Version and Trying to send TLS1.3 Version(tlsVersion: {
min: http.TLS_1_3,
max: http.TLS_1_3,
}) with TLS1.3 Ciphers mentioned in this link:
but I see in TCPDumps, the Ciphers that are sent is with TLS Version 1.2 as opposed to TLS Version 1.3.
k6 v0.31.1 (2021-03-17T13:23:23+0000/e9d8349, go1.15.8, linux/amd64)
Please let me know if k6 supports TLS1.3 and if Yes what should be the k6 build version that I have to choose.
Hi @srikanthr1,
K6 does support TLS1.3 since at least 0.25.1 (from my testing, no idea why 0.24.0 didn’t 
).
I have also verified this using wireshark
I guess the confusion comes because 1.3 is negotied differently from previous versions and one of the things that is different is that 1.2 is put in a lot of the fields as you can see in
Additionally, as you can see the chosen cipher is TLS_AES_128_GCM_SHA256 which is only supported with 1.3.
I would guess that you just read the wrong field :).
Hope this helps
p.s. I would still recommend that you update your k6 version as the one you have is now more than 1 year old 
Yes @mstoykov you exactly read my mind, Below is the capture screenshot:
If wireshark is saying v1.3 on top I trust it :). All the others are basically some fields that neede to be interpreted.
The supported_versions having 1.3 does mean that k6 (as this is the client hello) specifically requests 1.3. Everything else AFAIK has the values it has as TLS1.3 need to have TLS1.2< compatible handshake. Which needs to have 1.1 compatible … and so on.
I don’t think I have ever known the exact differences and the reasons for them, but I do remember that 1.3 was specifically very different. But ultimately it still needs to be compatible with the previous ones at least in the handshake phase.
