On Fri, Feb 10, 2006 at 07:49:59PM +0000, Ben Laurie wrote: > Secondly, obviously, you can only decrypt SSL if you have the private > key, so presumably this is referring only to incoming SSL connections. >
And only if EDH (or more generally all PFS) ciphers are disabled. This is AFAIK common with HTTP servers, but the majority of TLS capable MTAs negotiate EDH ciphers. -- /"\ ASCII RIBBON NOTICE: If received in error, \ / CAMPAIGN Victor Duchovni please destroy and notify X AGAINST IT Security, sender. Sender does not waive / \ HTML MAIL Morgan Stanley confidentiality or privilege, and use is prohibited. --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]