
March 07, 2012

Clearing Up My SSL Noob Questions

In a conversation with co-workers recently I realized that I didn't have a clear, correct view of how HTTP over SSL (HTTPS) works.  So, having done some reading today, I want to record some things about HTTPS.

My main question was, where on the computer is the encryption/decryption happening? Does it happen somewhere in the Windows networking stack (maybe somewhere in its TCP/IP implementation)? It seemed that handling the SSL work outside of the browser would be dangerous. But I wondered if that might be the case, since you can use a tool like Fiddler to view the clear text content of secure traffic.

As a starting point, I set about learning about SSL. There's some excellent documentation on Mozilla. I started reading about Network Security Services (NSS). And that led me to a good intro to SSL.

So, does SSL encrypt or decrypt in the operating system's network stack? Thankfully, no. The client application (i.e., the web browser) actually does this using an SSL-capable security mechanism of its own. In Firefox, this is NSS.
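An added illustration, not part of the original post: Python's `ssl` module (a wrapper around OpenSSL) stands in here for a browser's own SSL library such as NSS. The first handshake message is built entirely in process memory with no socket open, so the OS network stack would only ever be handed bytes the application has already framed as SSL/TLS records. The host name `example.test` and the function names are assumptions made for the example.

```python
import ssl


def client_hello_in_memory(server_name="example.test"):
    """Start a TLS handshake with no socket; return the bytes the library emits."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    incoming = ssl.MemoryBIO()   # bytes that would arrive from the network
    outgoing = ssl.MemoryBIO()   # bytes the application would hand to the OS
    tls = ctx.wrap_bio(incoming, outgoing, server_hostname=server_name)
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:
        # Expected: the library has written its ClientHello and now waits
        # for a server reply that never comes in this offline demo.
        pass
    return outgoing.read()


def parse_record_header(record):
    """Decode the 5-byte TLS record header and the handshake type after it."""
    return {
        "content_type": record[0],               # 22 = handshake
        "record_version": (record[1], record[2]),
        "payload_length": int.from_bytes(record[3:5], "big"),
        "handshake_type": record[5],             # 1 = ClientHello
    }


def sni_visible(record, server_name):
    """The ClientHello is sent before any keys exist, so the name is in clear."""
    return server_name.encode("ascii") in record


if __name__ == "__main__":
    hello = client_hello_in_memory()
    print(parse_record_header(hello))
    print("server name readable on the wire:", sni_visible(hello, "example.test"))
```
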

Then, how does Fiddler allow you to see the traffic? Fiddler decrypts SSL traffic by acting as a "man-in-the-middle". It sits between the browser and the web server and establishes a separate SSL connection to each, decrypting the traffic that flows through it for inspection.



