[GitHub] trafficserver pull request: Ts 3534

2015-05-26 Thread shinrich
Github user shinrich commented on the pull request: https://github.com/apache/trafficserver/pull/194#issuecomment-105638387 I'm afraid I'm being a bit dense, but where is sslServerName ever set to a non-null value?

[GitHub] trafficserver pull request: Ts 3534

2015-05-26 Thread ericcarlschwartz
Github user ericcarlschwartz commented on the pull request: https://github.com/apache/trafficserver/pull/194#issuecomment-105593729 @RolandZink, yeah that's what I was thinking. I will do some searching and see if something like that's been done before and how Wireshark will behave wi

[GitHub] trafficserver pull request: Ts 3534

2015-05-26 Thread RolandZink
Github user RolandZink commented on the pull request: https://github.com/apache/trafficserver/pull/194#issuecomment-105592140 The log contains more than one key. When the browser writes it, there is only one client but more than one server, and Wireshark can decrypt all the connect

[GitHub] trafficserver pull request: Ts 3534

2015-05-26 Thread ericcarlschwartz
Github user ericcarlschwartz commented on the pull request: https://github.com/apache/trafficserver/pull/194#issuecomment-105585945 I've dropped the tcp_info traces. My understanding was in line with @sudheerv's that this was never intended as a total replacement to using wire

[GitHub] trafficserver pull request: Ts 3534

2015-05-26 Thread ericcarlschwartz
Github user ericcarlschwartz commented on the pull request: https://github.com/apache/trafficserver/pull/194#issuecomment-105575893 @sudheerv: the TCP_INFO usage can definitely be dropped because of the associated cost/its only situational usefulness. I will prepare a patch with it re

[GitHub] trafficserver pull request: Ts 3534

2015-05-26 Thread RolandZink
Github user RolandZink commented on the pull request: https://github.com/apache/trafficserver/pull/194#issuecomment-105575681 With perfect forward secrecy, getting the necessary keys becomes more difficult. I had a better experience getting the session keys from the browsers. So

[GitHub] trafficserver pull request: Ts 3534

2015-05-26 Thread jpeach
Github user jpeach commented on the pull request: https://github.com/apache/trafficserver/pull/194#issuecomment-105570715 Well if you can configure logging on the ATS server, then it seems reasonable that you would have access to the SSL keys.

[GitHub] trafficserver pull request: Ts 3534

2015-05-26 Thread sudheerv
Github user sudheerv commented on the pull request: https://github.com/apache/trafficserver/pull/194#issuecomment-105570499 Yes, but, you would need to know/use the cert to do that, which is not always straightforward - as I said, "the problem with existing tools is that they can not

[GitHub] trafficserver pull request: Ts 3534

2015-05-26 Thread jpeach
Github user jpeach commented on the pull request: https://github.com/apache/trafficserver/pull/194#issuecomment-105569519 Wireshark decrypts SSL, https://wiki.wireshark.org/SSL.