On 17/07/17 17:32, Roland Dobbins wrote: > Sure - detecting attempted additional compromise and lateral movement > utilizing exploits within TLS-encrypted traffic. This is about decrypting traffic inside your network.
> Another is detecting (and subsequent blocking of) the download of > malware by intranet users. > > Detecting data exfiltration is also a common use of this technique in > intranet environments. This is about decrypting traffic that goes outside of your network. I'm not sure the same considerations should apply to both those situations. _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls