On Jul 15, 2017, at 15:07, Ted Lemon <mel...@fugue.com> wrote:

> I think that your first and third points are actually non-sequiturs: the unencrypted stream is available to the entities controlling either endpoint, not just the log.

This assertion is both incorrect & incomplete in its scope.

> There is no technical reason that in-flight capture is required to address those two points.

This assertion is factually incorrect. There are quite frequently reasons to have both visibility & the ability to intercede into the traffic in question at one or more specific points in the network topology *between* endpoints. This is network security & troubleshooting 101.

> Did I paraphrase that correctly?

No - the attempt to denigrate & dismiss real-world technical operational requirements is invalid, as is the dismissal of the administrative context of actual network operators in the real world.

The three points I made are independent of one another, & can be validated by anyone with a moderate degree of operational experience on production networks.

-----------------------------------
Roland Dobbins <rdobb...@arbor.net>
_______________________________________________
TLS mailing list
TLS@ietf.org
https://www.ietf.org/mailman/listinfo/tls