With my chair hat on, I won’t comment one way or the other on whether this 
should be done, but we have gone down this path before.  As I recall, the 
proposal was pretty resoundingly rejected.

But, what I will say as chair is that this would most definitely require a 
charter change for the WG.

spt

> On Apr 04, 2016, at 14:24, Phil Lello <p...@dunlop-lello.uk> wrote:
> 
> Hi,
> 
> I have a use-case for allowing an MITM to monitor traffic, but not 
> impersonate a server, and to allow MITM signing for replay of 
> server-responses to support caching.
> 
> As far as I'm aware, TLS currently only supports a shared-secret once session 
> initialisation is complete, so I'd need to extend the protocol to support 
> asymmetric encryption for the session.
> 
> Would there be interest in extending TLS to:
>   - allow monitoring-with-consent (based on asymmetric encryption)?
>   - allow re-signing from an authorised MITM to support caching?
> 
> Best wishes,
> 
> Phil Lello
> 
> _______________________________________________
> TLS mailing list
> TLS@ietf.org
> https://www.ietf.org/mailman/listinfo/tls
