I would be interested in how you initiate the traces at all the hundreds of thousands of servers and clients and how you control the flow of pcap files back to where they need to be processed? How are users and apps not impacted?
From: Watson Ladd [mailto:watsonbl...@gmail.com] Sent: Saturday, July 15, 2017 3:26 PM To: Ackermann, Michael <mackerm...@bcbsm.com> Cc: Matthew Green <matthewdgr...@gmail.com>; Dobbins, Roland <rdobb...@arbor.net>; IETF TLS <tls@ietf.org> Subject: Re: [TLS] draft-green-tls-static-dh-in-tls13-01 On Jul 15, 2017 11:16 AM, "Ackermann, Michael" <mackerm...@bcbsm.com<mailto:mackerm...@bcbsm.com>> wrote: YES! I tried to say in my message that collecting traces on thousands, or hundreds of thousands of hosts, is just not practical or possible. Not to mention the administrative domain barriers to this. We do it every day at my current employer. Guess we do the impossible. From: Dobbins, Roland [mailto:rdobb...@arbor.net<mailto:rdobb...@arbor.net>] Sent: Saturday, July 15, 2017 2:03 PM To: Ackermann, Michael <mackerm...@bcbsm.com<mailto:mackerm...@bcbsm.com>> Cc: Ted Lemon <mel...@fugue.com<mailto:mel...@fugue.com>>; IETF TLS <tls@ietf.org<mailto:tls@ietf.org>>; Matthew Green <matthewdgr...@gmail.com<mailto:matthewdgr...@gmail.com>> Subject: Re: [TLS] draft-green-tls-static-dh-in-tls13-01 On Jul 15, 2017, at 22:36, Ackermann, Michael <mackerm...@bcbsm.com<mailto:mackerm...@bcbsm.com>> wrote: That being the unencrypted stream is available to the endpoints Even where it is eventually available, they don't have the horsepower to capture & forward. ----------------------------------- Roland Dobbins <rdobb...@arbor.net<mailto:rdobb...@arbor.net>> The information contained in this communication is highly confidential and is intended solely for the use of the individual(s) to whom this communication is directed. If you are not the intended recipient, you are hereby notified that any viewing, copying, disclosure or distribution of this information is prohibited. Please notify the sender, by electronic mail or telephone, of any unintended receipt and delete the original message without making any copies. Blue Cross Blue Shield of Michigan and Blue Care Network of Michigan are nonprofit corporations and independent licensees of the Blue Cross and Blue Shield Association. _______________________________________________ TLS mailing list TLS@ietf.org<mailto:TLS@ietf.org> https://www.ietf.org/mailman/listinfo/tls The information contained in this communication is highly confidential and is intended solely for the use of the individual(s) to whom this communication is directed. If you are not the intended recipient, you are hereby notified that any viewing, copying, disclosure or distribution of this information is prohibited. Please notify the sender, by electronic mail or telephone, of any unintended receipt and delete the original message without making any copies. Blue Cross Blue Shield of Michigan and Blue Care Network of Michigan are nonprofit corporations and independent licensees of the Blue Cross and Blue Shield Association.
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls