[Wireshark-bugs] [Bug 16517] Environment variables should be documented.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16517 Christopher Maynard changed: What|Removed |Added Status|UNCONFIRMED |RESOLVED Resolution|--- |WONTFIX --- Comment #12 from Christopher Maynard --- (In reply to Peter Wu from comment #11) > This report seems like a request to add documentation for setting up TLS > decryption. That is not what the title says. I didn't intend the mentioning of SSLKEYLOGFILE to take over the primary discussion on this bug report, nor did I intend for it being "documented" in the User Guide as turning into a complete "How To" on setting up TLS decryption. As mentioned in previous comments, some wiki content has recently been moved to the User Guide, notably some Lua information. But there is currently no mention in the User Guide at all that TLS decryption is even possible in some cases (firefox, chrome, curl, possibly others). The thought was to merely mention the basic general steps involved, e.g., "It's possible for Wireshark to decrypt HTTPS traffic with browsers that support exporting of a key log file, generally enabled by setting the SSLKEYLOGFILE environment variable. For more information on how to achieve this, refer to ... https://wiki.wireshark.org/TLS>". On a side note, I believe Wireshark, being the de facto packet capture standard, is in a rather unique position to possibly help influence other software, By specifically mentioning the SSLKEYLOGFILE mechanism for enabling the exporting of the keys, perhaps that would help encourage software that doesn't currently support this feature to add it using the same familiar method, especially if more Wireshark users are aware of it and begin inquiring about it. Here, I'll just mention the mosquitto project as one example and refer you to https://github.com/eclipse/mosquitto/issues/632 if you're curious, but this is by no means isn't just about mosquitto. > Who would benefit from a description in the User's Guide while we already > have excellent descriptions, presentations, and videos elsewhere? As for the other Wireshark-specific environment variables, I think they're also worth mentioning in the User Guide because I don't presume to know the needs of all users, and I think providing the information only makes the tool more useful to more people. As for having excellent descriptions, presentations and videos elsewhere, I don't disagree with you there and the changes proposed here were never meant to replace them. Well, as far as I can tell, the changes I've proposed are not at all well-received, and since I seem to be the only one who thinks mentioning the environment variables or anything about the SSLKEYLOGFILE in the User Guide would be useful for Wireshark users, I'll just go ahead and close the bug. The consensus seems to be that the current documentation is sufficient and that this content doesn't belong in the User Guide, so there's no point in keeping the bug open. -- You are receiving this mail because: You are watching all bug changes.___ Sent via:Wireshark-bugs mailing list Archives:https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 16517] Environment variables should be documented.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16517 Peter Wu changed: What|Removed |Added CC||pe...@lekensteyn.nl --- Comment #11 from Peter Wu --- I disagree with the title "Environment variables should be documented" where "environment variables" are not from Wireshark itself. This report seems like a request to add documentation for setting up TLS decryption. That is not what the title says. In that case, I believe that the existing documentation (the wiki and the many references on that page) is sufficient. SSLKEYLOGFILE is one variable to obtain secrets from some applications, but it is not the only one. The name is a convention that started from the NSS library as used by Firefox. Although some applications (Chromium, curl, recently some configurations of Python 3.8, ...) support this environment variables, not all of them do. Some applications such as "openssl s_client", "openssl s_server", node (Node.JS) and chrome expose a command-line option to configure the keylog output file. There are also TLS terminator appliances that provide these secrets. The User's Guide is mostly a document describing the user interface of Wireshark. It has little use-case driven documentation, and describing external applications is probably out of scope. Who would benefit from a description in the User's Guide while we already have excellent descriptions, presentations, and videos elsewhere? -- You are receiving this mail because: You are watching all bug changes.___ Sent via:Wireshark-bugs mailing list Archives:https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 16517] Environment variables should be documented.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16517 Pascal Quantin changed: What|Removed |Added CC|pas...@wireshark.org| -- You are receiving this mail because: You are watching all bug changes.___ Sent via:Wireshark-bugs mailing list Archives:https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 16517] Environment variables should be documented.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16517 --- Comment #10 from Christopher Maynard --- (In reply to Pascal Quantin from comment #9) > A file containing the keys does impact Wireshark behavior, not the > environment variable. This is just my personal point of view. Semantics. And the user knows how to generate that file ... how, exactly? Certainly not from Wireshark's User Guide, which is the most logical place where one might look to read about how Wireshark can decrypt traffic and how one might go about achieving that. Not particularly user-friendly, IMO. -- You are receiving this mail because: You are watching all bug changes.___ Sent via:Wireshark-bugs mailing list Archives:https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 16517] Environment variables should be documented.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16517 --- Comment #9 from Pascal Quantin --- A file containing the keys does impact Wireshark behavior, not the environment variable. This is just my personal point of view. -- You are receiving this mail because: You are watching all bug changes.___ Sent via:Wireshark-bugs mailing list Archives:https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 16517] Environment variables should be documented.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16517 --- Comment #8 from Christopher Maynard --- (In reply to Pascal Quantin from comment #6) > impact on Wireshark behavior. SSLKEYLOGFILE is a completely different matter > and does not impact Wireshark behavior. Well, I have to strongly disagree with you here. The SSLKEYLOGFILE *does* impact Wireshark behavior. -- You are receiving this mail because: You are watching all bug changes.___ Sent via:Wireshark-bugs mailing list Archives:https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 16517] Environment variables should be documented.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16517 --- Comment #7 from Christopher Maynard --- There also seems to have been an effort to bring more wiki content into the User Guide, (Lua, as an example), so the content at https://wiki.wireshark.org/TLS where the SSLKEYLOGFILE is mentioned is just another page whose content might be better to have included in the User Guide as well. -- You are receiving this mail because: You are watching all bug changes.___ Sent via:Wireshark-bugs mailing list Archives:https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 16517] Environment variables should be documented.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16517 --- Comment #6 from Pascal Quantin --- The environment variables you are mentioning are where the Wireshark configuration files are stored depending on the OS used. They do have an impact on Wireshark behavior. SSLKEYLOGFILE is a completely different matter and does not impact Wireshark behavior. But again if you think it is that important, please provide a patch so that it can be reviewed and commented by the community. If people think it belongs to Wireshark documentation, it might make sense to document it. -- You are receiving this mail because: You are watching all bug changes.___ Sent via:Wireshark-bugs mailing list Archives:https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 16517] Environment variables should be documented.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16517 --- Comment #5 from Christopher Maynard --- (In reply to Pascal Quantin from comment #3) > Documenting other software environment variables in Wireshark documentation > does not make much sense to me. And you have plenty of resources in Internet > explaining you how to dump the keys. > The point is that your initial bug report suggests that this is a Wireshark > environment variable. This is not the case. I never meant to imply that SSLKEYLOGFILE is a Wireshark environment variable. I know the SSLKEYLOGFILE isn't a Wireshark environment variable, just as much as I know that $HOME, $XDG_CONFIG_HOME, %APPDATA% and %USERPROFILE% are not Wireshark environment variables too, but only one of these isn't at least mentioned in the man page. The bottom line is that Wireshark relies on that environment variable for certain functionality. I don't think it's too much to expect that if you want your users to know how to do something with your tool that you supply them with the relevant information to do so. I personally don't think it's better to send users elsewhere to learn how to use the tool. -- You are receiving this mail because: You are watching all bug changes.___ Sent via:Wireshark-bugs mailing list Archives:https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 16517] Environment variables should be documented.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16517 --- Comment #4 from Guy Harris --- (In reply to Pascal Quantin from comment #3) > Documenting other software environment variables in Wireshark documentation > does not make much sense to me. And you have plenty of resources in Internet > explaining you how to dump the keys. Then we should perhaps at least point to those resources as examples of "how to force other programs to help Wireshark work". -- You are receiving this mail because: You are watching all bug changes.___ Sent via:Wireshark-bugs mailing list Archives:https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 16517] Environment variables should be documented.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16517 --- Comment #3 from Pascal Quantin --- Documenting other software environment variables in Wireshark documentation does not make much sense to me. And you have plenty of resources in Internet explaining you how to dump the keys. The point is that your initial bug report suggests that this is a Wireshark environment variable. This is not the case. -- You are receiving this mail because: You are watching all bug changes.___ Sent via:Wireshark-bugs mailing list Archives:https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 16517] Environment variables should be documented.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16517 --- Comment #2 from Christopher Maynard --- (In reply to Pascal Quantin from comment #1) > Just a side note, SSLKEYLOGFILE is not a Wireshark environment variable, but > one from Chrome / Firefox / Curl / etc. Indeed, but if it's not mentioned anywhere in the documentation, then it makes it that much more difficult for users to be aware of it and make use of it. The fact that it's not Wireshark's environment variable means little to someone trying to decrypt their browser traffic with Wireshark. -- You are receiving this mail because: You are watching all bug changes.___ Sent via:Wireshark-bugs mailing list Archives:https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe
[Wireshark-bugs] [Bug 16517] Environment variables should be documented.
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=16517 Pascal Quantin changed: What|Removed |Added CC||pas...@wireshark.org --- Comment #1 from Pascal Quantin --- Just a side note, SSLKEYLOGFILE is not a Wireshark environment variable, but one from Chrome / Firefox / Curl / etc. Any patch to improve the documentation is welcome. -- You are receiving this mail because: You are watching all bug changes.___ Sent via:Wireshark-bugs mailing list Archives:https://www.wireshark.org/lists/wireshark-bugs Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe