why didn't use clienthello version

[zhbelewen]

Hi, I have been confused about the code below: / SSLVersion/ ja3->version = SSL_version(ssl);** According to the paper, I think SSL_client_version() function should be used here.

When the client support TLS1.3 and so does the server, then SSL_version() will get the version number after the tls connection is created which is 1.3. However, in this situation, the SSL_client_version() will still be 1.2. This may cause different tls fingerprints and in my opinion, the latter is correct.

Can help me solve my confusion? Thanks.