Re: [TLS] Four concerns (was Re: draft-rhrd-tls-tls13-visibility at IETF101)

Hi Rich (and Tony Rutkowski == hot_middlebox I assume?) On 14/03/18 22:17, Salz, Rich wrote: > * The requirements for visibility exist in an array of regulated > environments worldwide. It is one of the presentation areas in the Hot > Middlebox Workshop. >

Re: [TLS] Four concerns (was Re: draft-rhrd-tls-tls13-visibility at IETF101)

* The requirements for visibility exist in an array of regulated environments worldwide. It is one of the presentation areas in the Hot Middlebox Workshop.

Re: [TLS] Four concerns (was Re: draft-rhrd-tls-tls13-visibility at IETF101)

The requirements for visibility exist in an array of regulated environments worldwide. It is one of the presentation areas in the Hot Middlebox Workshop. http://www.etsi.org/etsi-security-week-2018/middlebox-security?tab=1 The Middlebox Hackathon site is also now public so everyone can

Re: [TLS] Four concerns (was Re: draft-rhrd-tls-tls13-visibility at IETF101)

> On Mar 14, 2018, at 9:42 AM, Salz, Rich wrote: > > >> So aside from enabling MitM, this also enables session resumption by >the decryption service, something that the security considerations >neglects to include in its list. > > So I think this is an important

Re: [TLS] Four concerns (was Re: draft-rhrd-tls-tls13-visibility at IETF101)

> On Mar 14, 2018, at 4:48 AM, Martin Thomson wrote: > > On Tue, Mar 13, 2018 at 9:49 PM, Russ Housley wrote: >> Nick Sullivan summarized >> four concerns with that approach. See >>

[TLS] Four concerns (was Re: draft-rhrd-tls-tls13-visibility at IETF101)

On Tue, Mar 13, 2018 at 9:49 PM, Russ Housley wrote: > Nick Sullivan summarized > four concerns with that approach. See > https://mailarchive.ietf.org/arch/msg/tls/NJEsyOZ8S3m8fiGk3bJ_lDnL-dg > > draft-rhrd-... addresses all four of these concerns. This isn't quite right.