Ah, yes. Thanks for the correction. Something I read previously made me think some of the ciphersuites (perhaps the DH suites? - this is also where I was thinking client auth for some reason) required the server to send part of the keying material to the client (via the client's pub key), which would require the private key of the client to decode. I've never run into client auth or DH suites so they're a bit fuzzy to me; guess I'm making up things to fill in the blanks. :-)
Regards Mark On 4/9/07, Sake Blok <[EMAIL PROTECTED]> wrote:
On Mon, Apr 09, 2007 at 01:00:32PM -0400, Mark Roggenkamp wrote: > Also, if the https session isn't using client auth then you probably only > need the private key of the WebSeal host. Even if the https-connection IS using a client-certificate, the private key of the client-certificate is only used for authentication and is not taking part in the encryption of the session. Only the private key of the server-certificate is used to generate the session-keys :) Cheers, Sake _______________________________________________ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
_______________________________________________ Wireshark-users mailing list Wireshark-users@wireshark.org http://www.wireshark.org/mailman/listinfo/wireshark-users
