[erlang-questions] SSL: Getting master_secret and client_random (or premaster_secret)

Roger Lipscombe <>
Thu Jan 12 00:17:06 CET 2017


On 11 January 2017 at 19:12, Ingela Andin <> wrote:

> There is currently no supported way. ERL-166 https://bugs.erlang.org/
> browse/ERL-166 talks about the possibility to add such a feature. We have
> not had time to look further into this as yet.
>

I'm happy to submit a PR to implement this, provided we can agree on the
approach (but it'll be a month or two -- we're still on Erlang 17.x, and
there's no point in submitting a patch against that).


> Of course, it is possible to provide such an API, although it seems to me
> that the use case is violating the concept of using TLS in the first place.
> It can, of course, be argued that if you have access to the erlang node you
> may dig out the information anyway even if it might be a dirty hack.
>

I *would* argue that: We own the server, so the unencrypted traffic is
already available. All this is doing is making it easier to see that data
in wireshark, where there's a bunch of other useful context.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://erlang.org/pipermail/erlang-questions/attachments/20170111/3ddc87cb/attachment.html>


More information about the erlang-questions mailing list