Re: Embed SSL keylog file in pcap-ng

[Guy Harris <guy () alum mit edu>]

On May 4, 2018, at 2:32 PM, Ahmad Fatoum <ahmad () a3f at> wrote:

> > On 4May 2018, at 19:10, Guy Harris <guy () alum mit edu> wrote:
> >
> > That might *also* be useful, but the advantage of blocks that *aren't* tied to Wireshark is that *other* programs 
> > can use the data without having to track Wireshark.
>
> I see, but to support multiple protocols in a capture,

"Support multiple protocols in a capture" in what sense?

> some authority that allocates protocol identifiers would be desirable

If this is going to be in pcapng files, the authority would be the pcapng file format maintainers.

> and I think Wireshark protocol names are very suited for this (after renaming SSL to TLS :-).
>
> Maybe:
> - Standardize some prefs_register_key_preference API for key supplement in Wireshark that wraps existing 
> UAT/preference use and provides key preferences in a uniform format
> - Agree on a specific format for those key preferences inside pcapng blocks

Once they're in pcapng blocks, unless the block is Wireshark-specific, the preferences would be managed entirely by the 
pcapng developers, not the Wireshark developers.

The point here is to have something *independent* of particular packet analyzers.
___________________________________________________________________________
Sent via:    Wireshark-dev mailing list <wireshark-dev () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-dev
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-dev
             mailto:wireshark-dev-request () wireshark org?subject=unsubscribe