Ethereal-dev: Re: [Ethereal-dev] SSL Decoding?

Note: This archive is from the project's previous web site, ethereal.com. This list is no longer active.

From: Scott Renfro <scott@xxxxxxxxxx>
Date: Sun, 27 Jan 2002 22:00:54 -0800
On Sun, Jan 27, 2002 at 08:53:03PM -0600, David Frascone wrote:
>
> 1) Since I have access to all the key files, can I somehow watch the
>    stream, or does SSL generate the keys used for traffic on the fly,
> and
>    only use the .pem file keys for identity?

The Ethereal ssl dissector doesn't support this, but Eric Rescorla's
ssldump utility does.  http://www.rtfm.com/ssldump/

> 2)    Can I pick an openssl cipher that performs NO encryption?

Yes, SSLv3 and TLSv1 have NULL cipher suites.  They're disabled by
default, but you can enable their use in many implementations.  In
Netscape or Mozilla, see the Edit Ciphers preferences dialog.  In
openssl, use -cipher NULL with s_client and/or s_server.

cheers,
--Scott

-- 
Scott Renfro <scott@xxxxxxxxxx>