Is the ability to effectively bypass monitoring middleboxes a good thing, both for the enterprise and for network security?
An Internet Engineering Task Force (IETF) draft for the Network Working Group proposes a standard for Transport Layer Security (TLS) over HTTP. By moving the TLS handshake up the Open Systems Interconnection (OSI) stack, the authors hope to overcome the challenges of establishing secure connections on networks where surveillance ‘middleboxes’ are present.
In short, they want secure and private connections using TLS at the application layer, treating traffic-intercepting middleboxes as untrusted transport. The question is whether this ability to effectively bypass monitoring middleboxes is a good thing, both for the enterprise and, more broadly, for network security.
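As an added illustration from the monitoring side (not code from the draft or from this article): a small Python check that flags an HTTP message whose body begins with a TLS record header, which is the visible trace an application-layer TLS tunnel leaves at a middlebox that can read the HTTP envelope but not the encrypted payload. The sample messages, the `/handshake` path and the media type are constructed assumptions, not the draft's exact wire format.

```python
# TLS record-layer content types (RFC 5246 / RFC 8446 record header byte 0).
TLS_CONTENT_TYPES = {20: "change_cipher_spec", 21: "alert",
                     22: "handshake", 23: "application_data"}

# Constructed sample HTTP requests (assumptions, not from the draft).
# The first carries a minimal TLS handshake record (type 0x16,
# legacy version 0x0303, 4-byte ClientHello stub) as its body.
TLS_IN_HTTP = (
    b"POST /handshake HTTP/1.1\r\n"
    b"Host: service.example\r\n"
    b"Content-Type: application/octet-stream\r\n"
    b"Content-Length: 9\r\n"
    b"\r\n"
    b"\x16\x03\x03\x00\x04\x01\x00\x00\x00"
)
PLAIN_POST = (
    b"POST /login HTTP/1.1\r\n"
    b"Host: service.example\r\n"
    b"Content-Type: application/x-www-form-urlencoded\r\n"
    b"Content-Length: 13\r\n"
    b"\r\n"
    b"user=a&pw=b\r\n"
)


def split_http(message: bytes):
    """Split a raw HTTP/1.1 request into (request line, headers dict, body)."""
    head, sep, body = message.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("no header/body separator")
    lines = head.split(b"\r\n")
    headers = {}
    for line in lines[1:]:
        name, _, value = line.partition(b":")
        headers[name.strip().lower().decode()] = value.strip().decode()
    return lines[0].decode(), headers, body


def tls_record_in_body(body: bytes):
    """Return (content type name, record length) if the body starts with a
    plausible TLS record, else None. Checks type, 3.x version and that the
    declared length fits both the record-size limit and the body."""
    if len(body) < 5:
        return None
    ctype, major, minor = body[0], body[1], body[2]
    length = int.from_bytes(body[3:5], "big")
    if ctype not in TLS_CONTENT_TYPES or major != 3 or minor not in (1, 2, 3):
        return None
    if length > 16384 + 256 or len(body) < 5 + length:
        return None
    return TLS_CONTENT_TYPES[ctype], length


def classify(message: bytes) -> str:
    """Label a request 'tls-in-http:<record type>' or 'plain-http'."""
    _, _, body = split_http(message)
    hit = tls_record_in_body(body)
    return "plain-http" if hit is None else f"tls-in-http:{hit[0]}"
```

This is a framing heuristic only: a binary body can start with those bytes by chance, so a real monitor would combine it with the media type, the URL pattern and the fact that the server keeps answering with bodies that parse the same way.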