[Oisf-users] realtime ssl/tls decryption
Alec Waters
Alec.Waters at dataline.co.uk
Wed Jun 26 09:37:04 UTC 2013
I got it all compiled up again with the intent of packaging it more conveniently into a PPA or something. However, the libdssl library doesn't seem to handle "modern" browsers and cipher suites very well. I can visit a given HTTPS site in something elderly like IE6 and the decryption will work fine. Visiting the same site in a modern browser will cause the decryption to fail - I suspect this is caused by the sheer size of the list of cipher suites proposed by the client, which is considerably longer than that sent by IE6.
My problem is that solving this issue is getting a bit beyond my pay grade in terms of coding - libdssl needs looking at by someone who knows what they're looking at :)
alec
--
More information about the Oisf-users
mailing list