On Wed, 6 Aug 2008 11:17:12 +0200, Sake Blok <[EMAIL PROTECTED]> wrote: > May I have your votes please? ;-) > > 1) Don't include the code at all > 2) Change the code to only identify the weak keys, but not use it > to decrypt the SSL traffic (would this also be CPU intensive?) > 3) Add the code as is, including decryption of SSL traffic
I vote for 2. As others have pointed out, brute-forcing decryption would move Wireshark into an entirely different application category and limit its use. However, it would be silly to reject the patch altogether since this would be a great feature to have. (We could also use weak SSH key detection, BTW). I'd prefer to have weak key IDs added to the tree along with an expert item, but no automatic decryption. Of course, once you identify a weak key there's nothing stopping you from using Lua or an external script to build a corresponding ssl.keys_list preference line. :) _______________________________________________ Wireshark-dev mailing list Wireshark-dev@wireshark.org https://wireshark.org/mailman/listinfo/wireshark-dev
