|
|
|
|
|
|
by forman00
4719 days ago
|
|
|
If anyone's interested in learning more of how you can use the private key of a server to monitor all communications: see, for example, US Pat. 7,543,051 It describes a way to passively/non-intrusively ("invisible to the server") capture and analyze all network traffic using a cable-tap. Bottom of column 8: "In order to accomplish decryption in a timely manner the secure traffic decryption unit needs the private key of the server. Usually providing the server's private key to another device would be considered a security flaw, since private keys are not meant to be communicated to any other party. But since it may be assumed that usually the server's owner or operator will use the present invention to monitor his/her own server, providing the server's private key to the secure traffic decryption unit does not pose significant security risks." |
|
|