Re: [TLS] Malware (was Re: draft-green-tls-static-dh-in-tls13-01)

"Roland Dobbins" <rdobbins@arbor.net> Mon, 17 July 2017 17:01 UTC

From: Roland Dobbins <rdobbins@arbor.net>
To: Watson Ladd <watsonbladd@gmail.com>
Cc: Simon Friedberger <simon.tls@a-oben.org>, tls@ietf.org
Date: Mon, 17 Jul 2017 19:01:18 +0200
Message-ID: <88AD564A-B299-44EB-A825-D20717119AC8@arbor.net>
In-Reply-To: <CACsn0cmmrGd1Q4-GmbJ2VNXUUgKyX18_MsBQmuA2e86bPcLxMQ@mail.gmail.com>
References: <CABkgnnU8ho7OZpeF=BfEZWYkt1=3ULjny8hcwvp3nnaCBtbbhQ@mail.gmail.com> <2A9492F7-B5C5-49E5-A663-8255C968978D@arbor.net> <CABkgnnX7w0+iH=uV7LRKnsVokVWpCrF1ZpTNhSXsnZaStJw2cQ@mail.gmail.com> <FDDB46BC-876C-49FC-9DAE-05C61BB5EFC9@vigilsec.com> <9C81BE7B-7C21-4504-B60D-96BA95C3D2FD@arbor.net> <CAEa9xj55jzch-v0mysbRSryNM0Y7Bdtevmrc3+FVxMO8EP5zWA@mail.gmail.com> <CC3CE5F8-C8C2-4A70-829D-483E26D20733@arbor.net> <CAEa9xj5eR6b_+CsSDArMWWr-u8hx5B81kDVEMEX8sgfUeMUS8g@mail.gmail.com> <C3B01C35-E3A2-4A8B-9DD7-D6E4153ED39F@arbor.net> <CAEa9xj6p0y9ZzxLJvtv9GDzzfs5s13nnLqm=4_fNDPGV+=Od8Q@mail.gmail.com> <BE4E8E4A-51FC-4211-A16F-EBA8B3F01757@arbor.net> <CAEa9xj7sVcGAR03f3pWsK7giFqmu7GRHN4gqh9Nb6uEAOM88Yw@mail.gmail.com> <637C97B3-DA63-4F61-8EB5-D938136D520C@arbor.net> <dfc93b70-0fa4-6cac-8c3d-5f2ff771f85d@a-oben.org> <64A2BAB5-5EAC-4608-9BF4-856CA0859042@arbor.net> <CACsn0cnXv_f_o4NEMMsYW7KQ8UqyEzhyYSAqyZpfsc4ddOr=eA@mail.gmail.com> <CACsn0ckBT29pqdrUk7DfcscmEmG8zoVn119gY+Y73FEuheJGTg@mail.gmail.com> <CACsn0cmmrGd1Q4-GmbJ2VNXUUgKyX18_MsBQmuA2e86bPcLxMQ@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"
SpamDiagnosticOutput: 1:99
SpamDiagnosticMetadata: NSPM
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Jul 2017 17:01:29.1509 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY1PR0101MB1036
Archived-At: <https://mailarchive.ietf.org/arch/msg/tls/uPx1rAQjDx3XUNXKCzve4d9AmSY>
Subject: Re: [TLS] Malware (was Re: draft-green-tls-static-dh-in-tls13-01)
X-BeenThere: tls@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "This is the mailing list for the Transport Layer Security working group of the IETF." <tls.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tls>, <mailto:tls-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tls/>
List-Post: <mailto:tls@ietf.org>
List-Help: <mailto:tls-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tls>, <mailto:tls-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 17 Jul 2017 17:01:46 -0000

On 17 Jul 2017, at 18:55, Watson Ladd wrote:

> So FS has no impact on this, correct?

It's often desirable to be able to inspect closer to the internal user 
traffic sources/destinations, as well as at the proxy.  It can greatly 
reduce the scope of traffic which is to be analyzed in any given 
investigative context (and possibly groveled through), which is a 
genuine operational concern.  So, having the ability to look at this 
traffic prior to it reaching the proxy can be valuable.

Many organizations do this, today.

-----------------------------------
Roland Dobbins <rdobbins@arbor.net>

[TLS] Malware (was Re: draft-green-tls-static-dh-… Martin Thomson
Re: [TLS] Malware (was Re: draft-green-tls-static… Blumenthal, Uri - 0553 - MITLL
Re: [TLS] Malware (was Re: draft-green-tls-static… Kathleen Moriarty
Re: [TLS] Malware (was Re: draft-green-tls-static… Roland Dobbins
Re: [TLS] Malware (was Re: draft-green-tls-static… Roland Dobbins
Re: [TLS] Malware (was Re: draft-green-tls-static… Martin Thomson
Re: [TLS] Malware (was Re: draft-green-tls-static… Dobbins, Roland
Re: [TLS] Malware (was Re: draft-green-tls-static… Russ Housley
Re: [TLS] Malware (was Re: draft-green-tls-static… Dobbins, Roland
Re: [TLS] Malware (was Re: draft-green-tls-static… Carl Mehner
Re: [TLS] Malware (was Re: draft-green-tls-static… Dobbins, Roland
Re: [TLS] Malware (was Re: draft-green-tls-static… Carl Mehner
Re: [TLS] Malware (was Re: draft-green-tls-static… Dobbins, Roland
Re: [TLS] Malware (was Re: draft-green-tls-static… Carl Mehner
Re: [TLS] Malware (was Re: draft-green-tls-static… Dobbins, Roland
Re: [TLS] Malware (was Re: draft-green-tls-static… Blumenthal, Uri - 0553 - MITLL
Re: [TLS] Malware (was Re: draft-green-tls-static… Jeffrey Walton
Re: [TLS] Malware (was Re: draft-green-tls-static… Carl Mehner
Re: [TLS] Malware (was Re: draft-green-tls-static… Roland Dobbins
Re: [TLS] Malware (was Re: draft-green-tls-static… Roland Dobbins
Re: [TLS] Malware (was Re: draft-green-tls-static… Carl Mehner
Re: [TLS] Malware (was Re: draft-green-tls-static… Simon Friedberger
Re: [TLS] Malware (was Re: draft-green-tls-static… Roland Dobbins
Re: [TLS] Malware (was Re: draft-green-tls-static… Watson Ladd
Re: [TLS] Malware (was Re: draft-green-tls-static… Roland Dobbins
Re: [TLS] Malware (was Re: draft-green-tls-static… Roland Dobbins
Re: [TLS] Malware (was Re: draft-green-tls-static… Blumenthal, Uri - 0553 - MITLL
Re: [TLS] Malware (was Re: draft-green-tls-static… Dobbins, Roland
Re: [TLS] Malware (was Re: draft-green-tls-static… Blumenthal, Uri - 0553 - MITLL
Re: [TLS] Malware (was Re: draft-green-tls-static… Roland Dobbins
Re: [TLS] Malware (was Re: draft-green-tls-static… Roland Dobbins