On May 5, 2018, at 1:40 AM, Ahmad Fatoum <ah...@a3f.at> wrote: >> On 5May 2018, at 09:31, Guy Harris <g...@alum.mit.edu> wrote: >> >> "Support multiple protocols in a capture" in what sense? > > multiple protocols with a key block each, e.g. TLS and Tibia interleaved in > the same capture file.
That doesn't require "some authority that allocates protocol identifiers", because it doesn't require protocol identifiers; all that needs to be done is to allocate pcapng block types to those protocols that require some additional information to decrypt its traffic. >>> some authority that allocates protocol identifiers would be desirable >> >> If this is going to be in pcapng files, the authority would be the pcapng >> file format maintainers. > > Of course, the pcapng maintainers are the authority on the block's structure, > but the protocol identifier would be a field inside the new "Wireshark > dissector preferences" block and managed by Wireshark, no? No. >> Once they're in pcapng blocks, unless the block is Wireshark-specific, the >> preferences would be managed entirely by the pcapng developers, not the >> Wireshark developers. > > The block is Wireshark-specific. That is precisely what I *DO NOT WANT*. I want a mechanism to allow an *arbitrary* program to use a key to decrypt traffic. ___________________________________________________________________________ Sent via: Wireshark-dev mailing list <wireshark-dev@wireshark.org> Archives: https://www.wireshark.org/lists/wireshark-dev Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev mailto:wireshark-dev-requ...@wireshark.org?subject=unsubscribe