[Derek Shinaberry <wireshark@xxxxxxxxxxxxxxxxxxxxxxxx>]

Can someone help me understand why you must have the server's private  
key in order to be able to decrypt the session between the client and  
the server?  It seems to me that if the server and client can conduct  
the session without the client ever knowing the server's private key,  
then a capture of the session on the client's side ought to be able  
to decrypt the session using just what is in the SSL handshake  
exchange.  What don't I understand about the process that precludes  
this behavior?

Thanks,
Derek