TLS decryption with SSLKEYLOGFILE

  • No replies
  • 1 has this problem
  • 3 views

Hi,

I am currently working on a privacy study regarding Mozilla Firefox and I would like to have more detailed information on key log file using per-session secrets.

I used the SSLKEYLOGFILE environment variable from the underlying NSS library to get TLS session secrets [1], which can be used in Wireshark to decrypt HTTPS traffic. I looked at the Firefox documentation for some answers and I found that NSS support for the logging file is disabled by default since NSS 3.24 [2], that is to say Firefox 48 and 49 [3]. I have not found any documentation saying it has been re-enabled by default since then. However, I have made some tests on Ubuntu 22.04 LTS (it is disabled on Debian) and Windows 10 using Firefox 106 (NSS 3.83) [4] and it works properly.

So, I have two questions:

- Is it normal that this feature still works for decrypting traffic whereas it should be disabled by default?
- What is the position of Mozilla developers and the community on the security of this feature (anyone who has access to someone's computer could get all of their internet passwords)?

Thank you for reading and I am looking forward to reading your answer.

Best regards


[1] https://wiki.wireshark.org/TLS
[2] https://firefox-source-docs.mozilla.org/security/nss/legacy/nss_releases/nss_3.24_release_notes/index.html#mozilla-projects-nss-nss-3-24-release-notes
[3] https://firefox-source-docs.mozilla.org/security/nss/legacy/key_log_format/index.html
[4] https://wiki.mozilla.org/NSS:Release_Versions


Edited by user106701823550493474440768539229835003700 on
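The concern raised in the question, that someone with access to a machine could have TLS secrets written to disk, can be checked from the defender's side. The following is an added example, not part of the original post or of Mozilla's code: it assumes a Linux host with procfs, and the function names are hypothetical.

```python
import os
import stat

VAR = b"SSLKEYLOGFILE"

def keylog_path_from_environ(blob: bytes):
    """Return the SSLKEYLOGFILE value from a NUL-separated environ block, or None."""
    for entry in blob.split(b"\0"):
        name, sep, value = entry.partition(b"=")
        if sep and name == VAR and value:
            return value.decode("utf-8", "surrogateescape")
    return None

def file_exposure(path):
    """Classify who besides the owner can read the key log file.
    A relative path is resolved against this script's working directory."""
    try:
        mode = os.stat(path).st_mode
    except OSError:
        return "missing-or-unreadable"
    if mode & stat.S_IROTH:
        return "world-readable"
    if mode & stat.S_IRGRP:
        return "group-readable"
    return "owner-only"

def audit_processes(proc_root="/proc"):
    """List (pid, keylog_path, exposure) for processes started with the variable set.
    /proc/<pid>/environ shows the environment as it was at exec time."""
    findings = []
    try:
        pids = [d for d in os.listdir(proc_root) if d.isdigit()]
    except OSError:
        return findings  # no procfs on this platform
    for pid in pids:
        try:
            with open(os.path.join(proc_root, pid, "environ"), "rb") as fh:
                path = keylog_path_from_environ(fh.read())
        except OSError:
            continue  # process exited, or it belongs to another user
        if path:
            findings.append((int(pid), path, file_exposure(path)))
    return findings

if __name__ == "__main__":
    for pid, path, exposure in audit_processes():
        print(f"pid {pid}: SSLKEYLOGFILE={path} ({exposure})")
```

Run it as root to see every user's processes; as an ordinary user it only covers processes whose environment that user is allowed to read.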
