Re: [TLS] Wireshark Download for TLS1.3

Peter Wu <peter@lekensteyn.nl> Thu, 26 January 2017 16:31 UTC

Date: Thu, 26 Jan 2017 17:31:48 +0100
From: Peter Wu <peter@lekensteyn.nl>
To: nalini.elkins@insidethestack.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/ff-uRXhFQ42IRG1zXKwiVXfTK6I>
Cc: IETF TLS <tls@ietf.org>, alexis.lagoutte@gmail.com
Subject: Re: [TLS] Wireshark Download for TLS1.3

Hi all,

This is indeed work in progress; the current state can be tracked at:
https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=12779

Note for TLS implementers: Wireshark supports decryption when provided
with the master secret (TLS 1.2 and before), but with TLS 1.3 there are
more secrets. The current plan is to accept the client/server
handshake/application traffic secrets (as opposed to the more sensitive
Handshake/Master secrets) following the format proposed by BoringSSL:
https://code.wireshark.org/review/19801

If everything goes well, Wireshark 2.4 should be the first stable
version with TLS 1.3 support.

Kind regards,
Peter

On Thu, Jan 26, 2017 at 04:10:00PM +0000, nalini.elkins@insidethestack.com wrote:
> All,
> 
> If you want to download a WorkInProgress version of Wireshark that supports TLS1.3 (latest version of draft -18 only!), please go to:
> 
> https://www.wireshark.org/download/automated/
> 
> THIS IS NOT THE PRODUCTION VERSION OF WIRESHARK!!!
> 
> We owe HUGE thanks to Peter Wu & Alexis La Goutte (core Wireshark developers) for the TLS1.3 dissector. I did some minor, initial work on the dissector but it is really their great effort and continued support that is making this dissector available for us. Thank you guys so much!!!
> 
> BTW, we had started an email list to discuss diagnostic & implementation experiences for TLS.
> 
> https://www.ietf.org/mailman/listinfo/tls-implementers
> 
> Shall we move to that list to discuss? Maybe we can share PCAPs.
> 
> Thanks,
> 
> Nalini Elkins
> Inside Products, Inc.
> www.insidethestack.com
> (831) 659-8360
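
The key log input described in the message, as an added example that is not part of the original post or of Wireshark's code: a small parser for key log lines that separates a TLS 1.2 master secret from the TLS 1.3 per-direction traffic secrets and rejects malformed entries. The label names follow the NSS key log format as commonly implemented and are an assumption here, as are the function names and the constructed sample.

```python
import re

# Labels of the NSS key log (SSLKEYLOGFILE) format as commonly implemented;
# the message above does not quote them, so this table is an assumption.
# Each entry: allowed secret lengths in bytes, and what the secret decrypts.
LABELS = {
    "CLIENT_RANDOM": ((48,), "whole TLS 1.2 session"),
    "CLIENT_HANDSHAKE_TRAFFIC_SECRET": ((32, 48), "client handshake records"),
    "SERVER_HANDSHAKE_TRAFFIC_SECRET": ((32, 48), "server handshake records"),
    "CLIENT_TRAFFIC_SECRET_0": ((32, 48), "client application data"),
    "SERVER_TRAFFIC_SECRET_0": ((32, 48), "server application data"),
}
# <label> <32-byte client random, hex> <secret, hex, whole bytes only>
LINE = re.compile(r"^([A-Z0-9_]+) ([0-9a-fA-F]{64}) ((?:[0-9a-fA-F]{2})+)$")

def parse_keylog(text):
    """Return ({client_random: {label: secret}}, [(line_number, reason)])."""
    sessions, rejected = {}, []
    for number, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        match = LINE.match(line)
        if not match:
            rejected.append((number, "malformed line"))
        elif match[1] not in LABELS:
            rejected.append((number, "label not handled here"))
        elif len(match[3]) // 2 not in LABELS[match[1]][0]:
            rejected.append((number, "unexpected secret length"))
        else:
            session = sessions.setdefault(match[2].lower(), {})
            session[match[1]] = bytes.fromhex(match[3])
    return sessions, rejected

def coverage(secrets):
    """List what one session's logged secrets allow a dissector to decrypt."""
    return [LABELS[label][1] for label in sorted(secrets)]

# Constructed sample: made-up client randoms and secrets, not a real capture.
R12, R13 = "11" * 32, "22" * 32
SAMPLE = "\n".join([
    "# constructed key log",
    f"CLIENT_RANDOM {R12} {'aa' * 48}",
    f"CLIENT_HANDSHAKE_TRAFFIC_SECRET {R13} {'bb' * 32}",
    f"SERVER_TRAFFIC_SECRET_0 {R13} {'cc' * 32}",
    f"SERVER_HANDSHAKE_TRAFFIC_SECRET {R13} {'dd' * 16}",  # too short
    f"CLIENT_TRAFFIC_SECRET_0 {R13[:-2]} {'ee' * 32}",     # short client random
])
SESSIONS, REJECTED = parse_keylog(SAMPLE)
```

Because each TLS 1.3 line covers one direction and one phase, a log missing a line leaves that part of the capture undecryptable, which `coverage` makes visible per session.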