Victor Duchovni wrote: > On Fri, Feb 10, 2006 at 07:49:59PM +0000, Ben Laurie wrote: > >> Secondly, obviously, you can only decrypt SSL if you have the private >> key, so presumably this is referring only to incoming SSL connections. >> > > And only if EDH (or more generally all PFS) ciphers are disabled. This > is AFAIK common with HTTP servers, but the majority of TLS capable MTAs > negotiate EDH ciphers.
You refer, of course, to the case where you are trying to decrypt a sniffed conversation. Gotta be careful with the trimming of messages! -- http://www.links.org/ --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
