Would it be possible to use delegated credentials to address lawful intercept concerns, similar to eTLS?
Basically, the server operator would issue a delegated credential to someone who has to decrypt or modify the traffic after intercepting it, without having to disclose that backdoor in certificate transparency logs. And in a data center scenario, perhaps people feel more comfortable loading those short-term credentials into their monitoring equipment. _______________________________________________ TLS mailing list [email protected] https://www.ietf.org/mailman/listinfo/tls
