Hi, it is possible to decrypt the session if you retrieve somehow from client the master secret and some addtional information. There is not whole mechanism for it in the Wireshark now but there is function ssl_set_master_secret(). If you pass all necessary information to this function it can decrypt the session even from the middle. Regards, Tomas
________________________________ Od: [EMAIL PROTECTED] za uživatele Derek Shinaberry Odesláno: pá 10.8.2007 15:07 Komu: wireshark-users@wireshark.org Předmět: [Wireshark-users] SSL Decryption Can someone help me understand why you must have the server's private key in order to be able to decrypt the session between the client and the server? It seems to me that if the server and client can conduct the session without the client ever knowing the server's private key, then a capture of the session on the client's side ought to be able to decrypt the session using just what is in the SSL handshake exchange. What don't I understand about the process that precludes this behavior? Thanks, Derek _______________________________________________ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users _______________________________________________ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users