|
|
|
|
|
|
by st_goliath
1335 days ago
|
|
|
> Is HTTP always the same protocol as HTTPS - given the same version - and ignoring the encryption from TLS? > Theoretically yes, but in practice? Yes, that's the whole point of encapsulation. The protocol is blissfully unaware of encryption and doesn't even have to be. It has no STARTTLS mechanism either. Your HTTPS traffic consists of a TCP handshake to establishes a TCP connection, a TLS handshake across that TCP connection to exchange keys and establish a TLS session, and the exact, same HTTP request/response traffic, inside the encrypted/authenticated TLS session. The wonderful magic of solving a problem by layering/encapsulating. > I could not see anything useful in wireshark anymore Wireshark supports importing private keys for that, see: https://wiki.wireshark.org/TLS |
|
|