cURL / Mailing Lists / curl-users / Single Mail


Re: Question regarding using the ssl sessionid usage

From: Ray Pekowski <>
Date: Tue, 31 Mar 2009 08:43:24 -0500

On Tue, Mar 31, 2009 at 4:48 AM, G. T. Stresen-Reuter <> wrote:

> I'm no expert on tcpdump, but unless you've compiled tcpdump to be able to
> decrypt encrypted packets, you may not see anything of interest...

It is possible to detect in a network trace, e.g. tcpdump or wireshark, that
the SSL session is being negotiated/created by looking for a packet coming
from the server that contains the server's certificate. A large part of the
server certificate is unencrypted, for example the expiration date and
Distinguished Name (DN) including common name, organization unit,
organization name. The server does not send the certificate if the session
is reused.


List admin:
Received on 2009-03-31