Davey Winder

delivering award-winning technology journalism since 1991

people with TV screen heads
Analysis 

Will IETF proposal be the end of enterprise middlebox traffic snooping?

Davey Winder 1435 Views , , , ,

Is the ability to effectively bypass monitoring middleboxes is a good thing, both for the enterprise and for network security?

An Internet Engineering Task Force (IETF) draft for the Network Working Group, proposes a standard for Transport Layer Security (TLS) over HTTP. By moving the TLS handshake up the Open Systems Interconnection (OSI) stack, the authors hope to overcome the challenges faced in establishing secure connections where surveillance ‘middleboxes’ are present on the network.

In short, they want secure and private connections using TLS at the application layer, treating traffic intercepting middleboxes as untrusted transport. The question is whether this ability to effectively bypass monitoring middleboxes is a good thing, both for the enterprise and more broadly network security?

Click here to read complete article

You May Also Like

Photo of barbed wire

How to protect against a DDoS attack

Davey Winder
bees in hive

Attack of the intelligent cyber-bees

Davey Winder
mocked up ransomware screen

Ransomware actors turn attention to holding websites hostage

Davey Winder