What is the meaning of the values of the Protocols field from Get-TlsCipherSuite Output?
Solution 1:
They seem to be a decimal representation of the value used in the TLS Version Field. 771 = 0x0303 = TLS_1_2, and 65277 = 0xFEFD = DTLS_1_1. You can see similar constants defined in various TLS libraries:
TLS_VERSIONS = {
# SSL
0x0002: "SSL_2_0",
0x0300: "SSL_3_0",
# TLS:
0x0301: "TLS_1_0",
0x0302: "TLS_1_1",
0x0303: "TLS_1_2",
0x0304: "TLS_1_3",
# DTLS
0x0100: "PROTOCOL_DTLS_1_0_OPENSSL_PRE_0_9_8f",
0x7f10: "TLS_1_3_DRAFT_16",
0x7f12: "TLS_1_3_DRAFT_18",
0xfeff: "DTLS_1_0",
0xfefd: "DTLS_1_1",
}
So they likely represent the TLS/SSL protocol versions for which that cipher is available.