Is it possible to log the TLS protocol version that the client wants to use without intercepting SSL?