["Hobbs, David" <David.Hobbs@xxxxxxxx>]

>	2) Ethereal's SSL dissector doesn't currently do any decryption.

> If somebody's implemented SSL decryption, and there aren't any 
> licensing issues with their code (i.e., if we can put it into a GPLed 
> application such as Ethereal), we'd like to see the code to consider
it 
> for inclusion in Ethereal.

It could be that what the SE saw was just the standard protocol
dissection showing client hello, server hello, etc, and the ssl/tls
information.  

The one thing though, is that ssldump IS open source, the CVS is at
SourceForge, so I can't see why it couldn't be modified to work with
Ethereal.  

Part of the difficulty of comparing encrypted -vs- un-encrypted packets
is the difficulty of figuring out which frame said interesting data is
on when doing ssldump and then attempting comparative analysis with
Ethereal.  (well, you need to use absolute timestamps and then seek the
absolute timestamp in ethereal, but it would be easier to reference
frame numbers when sharing dump files with people).

--
David Hobbs