iCloud Keychain. Is it secure?

Discussion in 'Fred's House of Pancakes' started by daniel, Oct 9, 2013.

Page 2 of 2

bwilson4web BMW i3 and Model 3

Joined:

Nov 25, 2005

28,281

16,001

0

Location:

Huntsville AL

Vehicle:

2018 Tesla Model 3

Model:

Prime Plus

. . . Wireshark is capable of decrypting SSL/TLS encrypted data in packets captured in any supported format and that if anyone wanted to know how for them to ask. Someone did, so here it is.

This is an extremely useful Wireshark feature, particularly when troubleshooting within highly secure network architectures. This article examines the requirements and Wireshark configuration required to do so and provides some information on issues commonly encountered when using this feature.
. . .
Click to expand...

Source: Using Wireshark to Decode SSL/TLS Packets

I've been working a password authentication problem and the wireshark decrypt works very nicely. The server admin has the private key which is all that wireshark needs.

There is no session-by-session private/public key. All sessions use the public key found in the certificate the server. The public and private keys were paired when the admin generated them. The web server keeps the private key.

I'm partial to PGP local encryption from source code that you locally compile. At least then efforts to insert backdoors are more easily spotted.

Bob Wilson

#21 bwilson4web, Oct 12, 2013

(You must log in or sign up to post here.)

Page 2 of 2