> It seems wiser for Bob to somehow monitor or log what is being done with his
> own plaintexts at his own server. I know little about existing products to
> do this, but from my theoretical perspective, it ought to be easier than
> compromising forward-secrecy (logging ciphertexts).
+1. I worked on two separate projects where all messages were effectively duplicated: one copy was sent as expected and the other was sent to a logging server. It did not matter what the message was. It could have been email, chat, a PDF or a Word doc. Everything was logged by order of the auditor. One project was for the State Department, and the other was for the Diplomatic Security Service. They did not care about efficiency. After the Manning breach and some other classified leaks, they cared very much about exactly what was egressed.

_______________________________________________
TLS mailing list
https://www.ietf.org/mailman/listinfo/tls
