Huge thanks to our Platinum Members Endace and LiveAction,
and our Silver Member Veeam, for supporting the Wireshark Foundation and project.

Wireshark-bugs: [Wireshark-bugs] [Bug 1035] New: SSL Message Interpretation

Date: Tue, 8 Aug 2006 19:30:37 +0000 (GMT)
http://bugs.wireshark.org/bugzilla/show_bug.cgi?id=1035

           Summary: SSL Message Interpretation
           Product: Wireshark
           Version: 0.99.2
          Platform: PC
        OS/Version: Windows XP
            Status: NEW
          Severity: Normal
          Priority: Medium
         Component: Wireshark
        AssignedTo: wireshark-bugs@xxxxxxxxxxxxx
        ReportedBy: Gary.Chaulklin@xxxxxxxxxxxx


Tracing various SSL servers purportedly running the same software, I'm seeing a
certain 123 byte packet being intrepreted variously as:
Server Hello Done OR
Server Key Exchange OR
Encrypted Handshake Message

These messages ocurr after Change Cipher Spec.  Are these really different
messages?  My concern is the overhead involved in the Server Key Exchange which
(for RSA) requires the use of the server private key to sign the message.


-- 
Configure bugmail: http://bugs.wireshark.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.