
TLS decryption with SSLKEYLOGFILE


Hi,

I am currently working on a privacy study regarding Mozilla Firefox and I would like to have more detailed information on the key log file using per-session secrets.

I used the SSLKEYLOGFILE environment variable from the underlying NSS library to get TLS session secrets [1], which can be used in Wireshark to decrypt HTTPS traffic. I looked at the Firefox documentation for some answers and I found that NSS support for the logging file is disabled by default since NSS 3.24 [2], that is to say Firefox 48 and 49 [3]. I have not found any documentation saying it has been re-enabled by default since then. However, I have made some tests on Ubuntu 22.04 LTS (it is disabled on Debian) and Windows 10 using Firefox 106 (NSS 3.83) [4] and it works properly.

So, I have two questions:

- Is it normal that this feature still works for decrypting traffic whereas it should be disabled by default?
- What is the position of Mozilla developers and the community on the security of this feature (anyone who has access to someone's computer could get all of their internet passwords)?

Thank you for reading and I am looking forward to reading your answer.

Best regards


[1] https://wiki.wireshark.org/TLS
[2] https://firefox-source-docs.mozilla.org/security/nss/legacy/nss_releases/nss_3.24_release_notes/index.html#mozilla-projects-nss-nss-3-24-release-notes
[3] https://firefox-source-docs.mozilla.org/security/nss/legacy/key_log_format/index.html
[4] https://wiki.mozilla.org/NSS:Release_Versions


Modified by user106701823550493474440768539229835003700
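A defender-side check related to the concern raised in the question, added here as an example and not part of the original post or of any Mozilla code: on Linux, it lists running processes whose start-up environment contains SSLKEYLOGFILE and reports whether the referenced file is readable by other users. It assumes a Linux /proc filesystem; the function names are illustrative.

```python
import os
import stat

VAR = "SSLKEYLOGFILE"

def parse_environ(blob: bytes) -> dict:
    """Parse the NUL-separated KEY=VALUE records of /proc/<pid>/environ."""
    env = {}
    for record in blob.split(b"\0"):
        key, sep, value = record.partition(b"=")
        if sep and key:
            env[key.decode("utf-8", "replace")] = value.decode("utf-8", "replace")
    return env

def keylog_file_status(path: str) -> str:
    """Classify the key log file: missing, readable by others, or owner-only."""
    try:
        mode = os.stat(path).st_mode
    except OSError:
        return "missing"
    others = stat.S_IRGRP | stat.S_IROTH
    return "readable-by-others" if mode & others else "owner-only"

def find_keylog_processes(proc_root: str = "/proc") -> list:
    """Return (pid, command, keylog_path, file_status) per process started with VAR set.

    /proc/<pid>/environ holds the environment as it was at exec time, so this
    only sees variables present when the process was launched.
    """
    findings = []
    for entry in sorted(os.listdir(proc_root)):
        if not entry.isdigit():
            continue  # skip non-process entries such as "self" or "net"
        base = os.path.join(proc_root, entry)
        try:
            with open(os.path.join(base, "environ"), "rb") as fh:
                env = parse_environ(fh.read())
            with open(os.path.join(base, "comm"), "r", errors="replace") as fh:
                command = fh.read().strip()
        except OSError:
            continue  # process exited, or it belongs to another user
        if env.get(VAR):
            findings.append((int(entry), command, env[VAR], keylog_file_status(env[VAR])))
    return findings

if __name__ == "__main__":
    for pid, command, path, status in find_keylog_processes():
        print(f"pid={pid} comm={command} {VAR}={path} file={status}")
```

Run it with sufficient privileges to read other users' /proc entries; without them, only the caller's own processes are inspected.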
