
TLS decryption with SSLKEYLOGFILE

  • No replies
  • 1 has this problem
  • 8 views

Hi,

I am currently working on a privacy study regarding Mozilla Firefox and I would like to have more detailed information on the key log file using per-session secrets.

I used the SSLKEYLOGFILE environment variable from the underlying NSS library to get TLS session secrets [1], which can be used in Wireshark to decrypt HTTPS traffic. I looked at the Firefox documentation for some answers and I found that NSS support for the logging file has been disabled by default since NSS 3.24 [2], that is to say Firefox 48 and 49 [3]. I have not found any documentation saying it has been re-enabled by default since then. However, I have made some tests on Ubuntu 22.04 LTS (it is disabled on Debian) and Windows 10 using Firefox 106 (NSS 3.83) [4] and it works properly.

So, I have two questions:

- Is it normal that this feature still works for decrypting traffic whereas it should be disabled by default?
- What is the position of Mozilla developers and the community on the security of this feature (anyone who has access to someone's computer could get all of their internet passwords)?

Thank you for reading and I am looking forward to reading your answer.

Best regards


[1] https://wiki.wireshark.org/TLS
[2] https://firefox-source-docs.mozilla.org/security/nss/legacy/nss_releases/nss_3.24_release_notes/index.html#mozilla-projects-nss-nss-3-24-release-notes
[3] https://firefox-source-docs.mozilla.org/security/nss/legacy/key_log_format/index.html
[4] https://wiki.mozilla.org/NSS:Release_Versions


Modified by user106701823550493474440768539229835003700
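
A defensive check related to the concern raised in the post above, as an added example that is not part of the original post and not Mozilla or NSS code: it reports whether `SSLKEYLOGFILE` is set in a given environment, whether the file is readable by other local users (POSIX mode bits), and which key log labels it contains, without returning any secret values. The function names, report fields and sample lines are assumptions constructed for illustration.

```python
import os
import re
import stat
import tempfile
from collections import Counter

# Labels from the NSS key log format (TLS 1.2 and earlier, then TLS 1.3).
LABELS = {"RSA", "CLIENT_RANDOM", "CLIENT_EARLY_TRAFFIC_SECRET",
          "CLIENT_HANDSHAKE_TRAFFIC_SECRET", "SERVER_HANDSHAKE_TRAFFIC_SECRET",
          "CLIENT_TRAFFIC_SECRET_0", "SERVER_TRAFFIC_SECRET_0",
          "EARLY_EXPORTER_SECRET", "EXPORTER_SECRET"}
LINE = re.compile(r"^([A-Z0-9_]+) ([0-9a-fA-F]+) ([0-9a-fA-F]+)$")


def audit_keylog(env):
    """Report key log exposure for one environment mapping; never returns secrets."""
    path = env.get("SSLKEYLOGFILE")
    report = {"enabled": bool(path), "exists": False, "others_can_read": False,
              "labels": Counter(), "unrecognized": 0}
    if not path or not os.path.isfile(path):
        return report
    report["exists"] = True
    # POSIX mode bits: group/other read access widens who can decrypt captures.
    mode = os.stat(path).st_mode
    report["others_can_read"] = bool(mode & (stat.S_IRGRP | stat.S_IROTH))
    with open(path, encoding="ascii", errors="replace") as fh:
        for raw in fh:
            m = LINE.match(raw.strip())
            if m and m.group(1) in LABELS:
                report["labels"][m.group(1)] += 1
            elif raw.strip() and not raw.startswith("#"):
                report["unrecognized"] += 1  # comments and blank lines are allowed
    return report


def demo():
    # Constructed sample: dummy hex values, not real session secrets.
    sample = ("# constructed sample\n"
              "CLIENT_RANDOM " + "ab" * 32 + " " + "cd" * 48 + "\n"
              "CLIENT_TRAFFIC_SECRET_0 " + "ab" * 32 + " " + "ef" * 32 + "\n"
              "not a key log line\n")
    fd, path = tempfile.mkstemp(suffix=".keylog")
    with os.fdopen(fd, "w") as fh:
        fh.write(sample)
    os.chmod(path, 0o644)  # deliberately group/world readable for the demo
    try:
        return audit_keylog({"SSLKEYLOGFILE": path})
    finally:
        os.remove(path)
```

Calling `audit_keylog(os.environ)` checks the current session; on Windows the mode-bit check is not meaningful and file ACLs would need to be inspected instead.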