Hi, Just an Info, may not be relevant. If extended master secret is enabled,(by default on all browsers now a days) the computation of master secret is different.
https://tools.ietf.org/html/rfc7627#section-4 On Thu, Sep 27, 2018 at 7:25 AM Viktor Dukhovni <openssl-us...@dukhovni.org> wrote: > > > > On Sep 26, 2018, at 9:19 PM, 이영주 <shinejae...@naver.com> wrote: > > > > I wonder why master-key is revealed in plaintext in the results below. > > (used command : Openssl s_client -connect host:port) > > Because s_client is a debugging tool, and a source of example code > that demonstrates many elaborate features of the API from which you > can pic and chose the functions that are useful to you. The s_client > command is NOT designed to be used for any non-diagnostic purposes. > > > Does it matter if the master key is exposed in plaintext? > > That's a feature. You can check when using s_server that both computed > the same key. > > > And I wonder what role this master key plays. > > https://tools.ietf.org/html/rfc5246#section-8.1 > https://tools.ietf.org/html/rfc5246#appendix-A.6 > https://tools.ietf.org/html/rfc5246#section-6.3 > https://tools.ietf.org/html/rfc5246#section-7.4.9 > https://tools.ietf.org/html/rfc5246#appendix-F.1.1 > https://tools.ietf.org/html/rfc5246#appendix-F.1.4 > https://tools.ietf.org/html/rfc5246#appendix-F.2 > > -- > Viktor. > > -- > openssl-users mailing list > To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users > -- Stiju Easo The unexamined life is not worth living for man. Socrates, in Plato, Dialogues, Apology Greek philosopher in Athens (469 BC - 399 BC)
-- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
