I suspect the right place to do this is not at the TLS layer. As Bill said: do it with two TLS sessions, and then provide authenticated, cacheable objects. The sub-resource-integrity system <https://www.w3.org/TR/SRI/> tried to achieve that, and seems to get pretty close.
-Brian > On Apr 4, 2016, at 1:24 PM, Phil Lello <[email protected]> wrote: > > Hi, > > I have a use-case for allowing an MITM to monitor traffic, but not > impersonate a server, and to allow MITM signing for replay of > server-responses to support caching. > > As far as I'm aware, TLS currently only supports a shared-secret once session > initialisation is complete, so I'd need to extend the protocol to support > asymmetric encryption for the session. > > Would there be interest in extending TLS to: > - allow monitoring-with-consent (based on asymmetric encryption)? > - allow re-signing from an authorised MITM to support caching? > > Best wishes, > > Phil Lello > > _______________________________________________ > TLS mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/tls _______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
