I've recently started using packetbeat 6.1.1 to make use of the new TLS module.
It works really well, however I'm puzzled as to why the TLS versions are 3.x as opposed to the proper versioning (1.x).
I'm assuming the numbering is to follow up from SSL 3.0? So, TLS version 3.1 is essentially TLS 1.0, 3.3 is TLS 1.2?
Would it not make more sense to just use the proper TLS version?