Davey Winder

delivering award-winning technology journalism since 1991

people with TV screen heads
Analysis 

Will IETF proposal be the end of enterprise middlebox traffic snooping?

Davey Winder 1194 Views , , , ,

Is the ability to effectively bypass monitoring middleboxes is a good thing, both for the enterprise and for network security?

An Internet Engineering Task Force (IETF) draft for the Network Working Group, proposes a standard for Transport Layer Security (TLS) over HTTP. By moving the TLS handshake up the Open Systems Interconnection (OSI) stack, the authors hope to overcome the challenges faced in establishing secure connections where surveillance ‘middleboxes’ are present on the network.

In short, they want secure and private connections using TLS at the application layer, treating traffic intercepting middleboxes as untrusted transport. The question is whether this ability to effectively bypass monitoring middleboxes is a good thing, both for the enterprise and more broadly network security?

Click here to read complete article

You May Also Like

drawing of a Fingbox and Fing app

Use a Fingbox to help whack the KRACK attack

Davey Winder
Photo of some memory chips

Enterprises CAN defend against new wave of anti-forensic cyber-attacks

Davey Winder
electro ball emanating 'lightning' streaks

Spanish research tool probes smartphone electromagnetic emissions for encryption keys

Davey Winder