rdroms / draft-green-tls-static-dh-in-tls13

Work area for Internet Draft draft-green-tls-static-dh-in-tls13

Question about controlling pull model #25

Open rdroms opened 7 years ago

rdroms commented 7 years ago

From Steve Fenter

Question about Figure 5: TSK protocol pull model:

How can you control what order the key pairs are requested in? In other words, how can you make the tool do the pull before the TLS server?

An alternative thought on this is that the TLS decrypter could be Wireshark (or another sniffer with an HSM) with a pcap trace that has been mined out (back-in-time analysis). The sniffer can then request a key pair well after the TLS server gets the key pair and it would work. The TLS decrypter only has to get the key ahead of time for live decryption, like to an IDS. So really, TLS decrypter is too general in this case. There is a live TLS decrypter and a back-in-time TLS decrypter that have different requirements.

Maybe these are details that can be worked out later.