OK, Ian and I are, rightly or wrongly, on the same page here. Obviously my
choice of the word certificate has caused confusion.
[David Wagner]
This sounds very confused. Certs are public. How would
knowing a copy
of the server cert help me to decrypt SSL traffic that I have
intercepted?
Try Intel's open-sourced CDSA, available at SourceForge.
- Tolga
-Original Message-
From: [EMAIL PROTECTED] [mailto:owner-
[EMAIL PROTECTED] On Behalf Of Trei, Peter
Sent: Tuesday, November 30, 2004 7:16
To: Sandeep N; [EMAIL PROTECTED]
Subject: RE: RSA Implementation in C language
-Original Message-
From: Eric Rescorla [mailto:[EMAIL PROTECTED]
Sent: Wednesday, December 01, 2004 7:01 AM
To: [EMAIL PROTECTED]
Cc: Ben Nagy; [EMAIL PROTECTED]
Subject: Re: SSL/TLS passive sniffing
Ian Grigg [EMAIL PROTECTED] writes:
[...]
However could one do a Diffie
In message [EMAIL PROTECTED] on Tue, 30 Nov 2004 10:16:11 -0500, Trei,
Peter [EMAIL PROTECTED] said:
ptrei Admittedly somewhat old and creaky, but try Googling
ptrei RSAREF. I don't know where that stands for IP rights
ptrei (presumably we still have copyright), bout for
ptrei research it's a
[EMAIL PROTECTED] writes:
-Original Message-
From: Eric Rescorla [mailto:[EMAIL PROTECTED]
Sent: Wednesday, December 01, 2004 7:01 AM
To: [EMAIL PROTECTED]
Cc: Ben Nagy; [EMAIL PROTECTED]
Subject: Re: SSL/TLS passive sniffing
Ian Grigg [EMAIL PROTECTED] writes:
[...]
However
An interesting project is occupying a lot of my attention right now but
I don't have time to handle it myself. This project would be an
interesting application if it was implemented using good cryptography,
but the current team lacks the background for it. They've asked me to
help find the right
John Denker [EMAIL PROTECTED] writes:
Eric Rescorla wrote:
Uh, you've just described the ephemeral DH mode that IPsec
always uses and SSL provides.
I'm mystified by the word always there, and/or perhaps by
the definition of Perfect Forward Secrecy. Here's the dilemma:
On the one hand, it