Tls analyzer for pq connections always quantum vulnerable #1

@manel1874

First of all, thank you for all the effort in developing these tools!

I was testing the tls-analyzer and I am not able to get a clean safe connection with https://pq.cloudflareresearch.com/ which is using the hybrid X25519MLKEM768 suite.

It seems the tls-analyzer client does not support hybrid schemes (as per this comment), so it falls back to the standard X25519.

Also, quantumSafe seems to always be false and the tool does not seem to be able to find PQ schemes (as per this line).

Questions:

  1. Am I doing anything wrong here? Or can you provide me with an example of a quantum safe connection?
  2. Is there a plan to add hybrid and quantum schemes?

With OpenSSL 3.5 I am able to connect to the Cloudflare website using the TLS 1.3 group X25519MLKEM768 with the following command:

    ./apps/openssl s_client -tls1_3 -connect pq.cloudflareresearch.com:443 -msg

  3. Is it possible (or are you planning) for tls-analyzer to read TLS handshake scripts from other tools, e.g. from OpenSSL?
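
An added example, not part of the original issue and not tls-analyzer's code: a minimal way to read the negotiated key-exchange group out of a raw ServerHello handshake message and flag whether it is a hybrid post-quantum group such as X25519MLKEM768. The function names `selected_group` and `build_sample` are hypothetical, the codepoints are taken from the IANA TLS Supported Groups registry, and the sample message is constructed with a zeroed random and key share.

```python
import struct

# IANA "TLS Supported Groups" codepoints (subset): value -> (name, is PQ hybrid)
GROUPS = {
    0x0017: ("secp256r1", False),
    0x001D: ("x25519", False),
    0x11EB: ("SecP256r1MLKEM768", True),
    0x11EC: ("X25519MLKEM768", True),
    0x11ED: ("SecP384r1MLKEM1024", True),
}
EXT_KEY_SHARE = 0x0033

def selected_group(msg: bytes):
    """Return (codepoint, name, is_pq_hybrid) for the key_share group in a
    ServerHello handshake message, or None if it carries no key_share."""
    if len(msg) < 4 or msg[0] != 0x02:
        raise ValueError("not a ServerHello handshake message")
    body = msg[4:4 + int.from_bytes(msg[1:4], "big")]
    pos = 2 + 32                          # legacy_version + random
    if len(body) < pos + 1:
        raise ValueError("truncated ServerHello")
    pos += 1 + body[pos] + 2 + 1          # session_id, cipher_suite, compression
    if len(body) < pos + 2:
        raise ValueError("truncated ServerHello")
    end = pos + 2 + int.from_bytes(body[pos:pos + 2], "big")
    pos += 2
    if end > len(body):
        raise ValueError("extensions run past end of message")
    while pos + 4 <= end:
        ext_type, ext_len = struct.unpack_from("!HH", body, pos)
        pos += 4
        if ext_type == EXT_KEY_SHARE:
            if ext_len < 2 or pos + 2 > end:
                raise ValueError("malformed key_share")
            group = int.from_bytes(body[pos:pos + 2], "big")
            name, pq = GROUPS.get(group, (f"unknown(0x{group:04x})", False))
            return group, name, pq
        pos += ext_len
    return None

def build_sample(group: int, share_len: int) -> bytes:
    """Constructed ServerHello with zeroed random and key share (demo input only)."""
    key_share = struct.pack("!HH", group, share_len) + bytes(share_len)
    exts = struct.pack("!HHH", 0x002B, 2, 0x0304)   # supported_versions = TLS 1.3
    exts += struct.pack("!HH", EXT_KEY_SHARE, len(key_share)) + key_share
    body = b"\x03\x03" + bytes(32) + b"\x00" + b"\x13\x01" + b"\x00"
    body += struct.pack("!H", len(exts)) + exts
    return b"\x02" + len(body).to_bytes(3, "big") + body
```

The result describes the key exchange only; it says nothing about whether the certificate chain or handshake signature uses a post-quantum algorithm.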
