[re-post of my Q on ask.wireshark.org] [ws 3.2.0] QUIC handshake is decrypted but subsequent packets are not

[Magesh Dhasayyan <mag.1984 () gmail com>]

Hi,

I'm trying to get an understanding of the QUIC protocol using wireshark
(and other material from various sources).

Steps that I followed:
 1. captured (using tshark) QUIC traffic between a local client server
(generated using mozilla/neqo, with SSLKEYLOGFILE env to store traffic
secrets).
 2. set the captured traffic secrets path in wireshark preferences
(Protocols -> TLS [(Pre)-Master-Secret log filename])
 3. opened the pcap file

Expected:
 1. decrypted payloads for QUIC handshakes
 2. decrypted payloads for subsequent QUIC packets

Observed:
 1. [PASS] decrypted payloads for QUIC handshakes
 2. [FAIL] decrypted payloads for subsequent QUIC packets

Are there any additional steps that I need to follow to decrypt all QUIC
packets?

screenshot showing the issue: https://ibb.co/ysgN5yW


Thanks,
Magesh

___________________________________________________________________________
Sent via:    Wireshark-users mailing list <wireshark-users () wireshark org>
Archives:    https://www.wireshark.org/lists/wireshark-users
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-users
             mailto:wireshark-users-request () wireshark org?subject=unsubscribe