Nonrepudiation - in some sense
Ben Laurie
ben at algroup.co.uk
Sun Feb 12 12:24:16 EST 2006
Victor Duchovni wrote:
> On Fri, Feb 10, 2006 at 07:49:59PM +0000, Ben Laurie wrote:
>
>> Secondly, obviously, you can only decrypt SSL if you have the private
>> key, so presumably this is referring only to incoming SSL connections.
>>
>
> And only if EDH (or more generally all PFS) ciphers are disabled. This
> is AFAIK common with HTTP servers, but the majority of TLS capable MTAs
> negotiate EDH ciphers.
You refer, of course, to the case where you are trying to decrypt a
sniffed conversation.
Gotta be careful with the trimming of messages!
--
http://www.links.org/
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list