On 23 October 2014 02:50, Olle E Johansson <[email protected]> wrote: > I get a lot of worried questions much like: "Then we can't use wireshark" > when I talk about crypto. > > That needs to be adressed too.
A walkthrough of using SSLKEYLOGFILE may address that, depending on the application. IIRC it works for Firefox and Chrome. Besides NSS, the feature is in BoringSSL (https://code.google.com/p/chromium/issues/detail?id=393477) and could likely be ported to OpenSSL fairly easily. I say this to provide context, I actually think it's a bad idea to have these features enabled by default in production-compiled libraries. -tom _______________________________________________ Uta mailing list [email protected] https://www.ietf.org/mailman/listinfo/uta
