cURL / Mailing Lists / curl-users / Single Mail

curl-users

Re: Question regarding using the ssl sessionid usage

From: Ray Pekowski <pekowski_at_gmail.com>
Date: Tue, 31 Mar 2009 08:43:24 -0500

On Tue, Mar 31, 2009 at 4:48 AM, G. T. Stresen-Reuter <
tedmasterweb_at_gmail.com> wrote:

>
> I'm no expert on tcpdump, but unless you've compiled tcpdump to be able to
> decrypt encrypted packets, you may not see anything of interest...

It is possible to detect in a network trace, e.g. tcpdump or wireshark, that
the SSL session is being negotiated/created by looking for a packet coming
from the server that contains the server's certificate. A large part of the
server certificate is unencrypted, for example the expiration date and
Distinguished Name (DN) including common name, organization unit,
organization name. The server does not send the certificate if the session
is reused.

Ray

-------------------------------------------------------------------
List admin: http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2009-03-31

This message: [ Message body ]
Next message: Niranjan Ramakrishnan: "RE: Question regarding using the ssl sessionid usage"
Previous message: G. T. Stresen-Reuter: "Re: Question regarding using the ssl sessionid usage"
In reply to: G. T. Stresen-Reuter: "Re: Question regarding using the ssl sessionid usage"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]