Re: [Snort-inline-users] Snort_inline which version to use

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Will Metcalf wrote:

> 
> Completely off topic, would anybody like to see an ssl-decryption
> preproc?  Obviously you would only be able to decrypt traffic bound to
> servers for which you possess the private keys, in addition we would
> need figure out some way to securely store these key's in escrow. Just
> a thought Victor Julien and I have been kicking around.
> 

If support is added I would love to see it tied into an SSL accelerator 
card. Using the accelerator could also provide the key escrow 
capabilities in hardware.

I used to be under the impression that you could not properly do SSL 
decryption however as intruvert unfortunately proved to me that is only 
the case with certain ciphers and anonymous SSL.