[HTTPS-Everywhere] bbc.co.uk attempts to use user installed certificates?
Eitan Adler
lists at eitanadler.com
Thu Mar 13 22:51:18 PDT 2014
On 14 March 2014 00:14, Daniel Kahn Gillmor <dkg at fifthhorseman.net> wrote:
> On 03/13/2014 11:39 PM, Eitan Adler wrote:
>> This is the output of LiveHTTPHeaders when I see the popup. I hit
>> cancel when the request came up. I don't see the CertificateRequest
>> although I may be blind ;)
>
> The output you sent shows HTTP headers, but CertificateRequest message
> is part of the TLS layer. There may well be other ways to capture the
> CertificateRequest message, but a network packet capture really is a
> reasonable suggestion to get the data that you want to examine.
After embarrassing myself by operating at the wrong layer I got a
tcpdump. I'll send it privately to specific interested parties along
with some analysis.
--
Eitan Adler
-------------- next part --------------
A non-text attachment was scrubbed...
Name: partial.dump.pcap
Type: application/octet-stream
Size: 8726 bytes
Desc: not available
URL: <https://lists.eff.org/pipermail/https-everywhere/attachments/20140314/d27db13e/attachment-0001.obj>
More information about the HTTPS-Everywhere
mailing list