Ben Nagy wrote:
>Recently a discussion came up on firewall-wizards about
>passively sniffing SSL traffic by a third party, using a copy of the server
>cert (for, eg, IDS purposes).

This sounds very confused.  Certs are public.  How would knowing a copy
of the server cert help me to decrypt SSL traffic that I have intercepted?
Now if I had a copy of the server's private key, that would help, but such
private keys are supposed to be closely held.

Or are you perhaps talking about some kind of active man-in-the-middle
attack, perhaps exploiting DNS spoofing?  It doesn't sound like it, since
you mentioned passive sniffing.

And it doesn't matter whether you use Diffie-Hellman or RSA with Verisign
certs; either way, SSL should be secure against passive eavesdropping.

I think you need to elaborate before we can give any sensible responses.

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]

Reply via email to