cURL
Haxx ad
libcurl

curl's project page on SourceForge.net

Sponsors:
Haxx

cURL > Mailing List > Monthly Index > Single Mail

curl-users Mailing List Archives

Re: Question regarding using the ssl sessionid usage

From: Ray Pekowski <pekowski_at_gmail.com>
Date: Tue, 31 Mar 2009 08:43:24 -0500

On Tue, Mar 31, 2009 at 4:48 AM, G. T. Stresen-Reuter <
tedmasterweb_at_gmail.com> wrote:

>
> I'm no expert on tcpdump, but unless you've compiled tcpdump to be able to
> decrypt encrypted packets, you may not see anything of interest...

It is possible to detect in a network trace, e.g. tcpdump or wireshark, that
the SSL session is being negotiated/created by looking for a packet coming
from the server that contains the server's certificate. A large part of the
server certificate is unencrypted, for example the expiration date and
Distinguished Name (DN) including common name, organization unit,
organization name. The server does not send the certificate if the session
is reused.

Ray

-------------------------------------------------------------------
List admin: http://cool.haxx.se/cgi-bin/mailman/listinfo/curl-users
FAQ: http://curl.haxx.se/docs/faq.html
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2009-03-31

These mail archives are generated by hypermail.

donate! Page updated November 12, 2010.
web site info

File upload with ASP.NET