Ralf Hauser wrote: > Is it possible to access the 36 bytes as per > http://www.rfc.net/rfc2246.html#s7.4.9. > (20 bytes of SHA-1 and 16 bytes of MD5)?
Of what value are these items to anything outside of the SSL/TLS protocol itself? > P.S.: Alternatively, after the handshake has completed, is it possible to > access the SSL/TLS session key that was negotiated. Directly? To the bits of they key itself? or to a handle for that key? Again, why is this value of interest to anything outside of SSL itself? > I see that I can get at the serverCert in > http://xulplanet.com/references/xpcomref/ifaces/nsISSLStatus.html Yes, unlike the other values requested above, the cert is public info, and is typically sent over the wire in the clear. -- Nelson B _______________________________________________ dev-tech-crypto mailing list dev-tech-crypto@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-tech-crypto
