On 20 Jul 2017, at 21:21, Carl Mehner wrote:
It's not an overnight change, but it is a practical one, and one that could end up making these complicated applications that "need" static-key-style decryption work more effectively and efficiently.
The problems of capex, opex, scale, additional complexity, and potentially broadening the attack surface via additional inline termination are also considerations - these tradeoffs may work for some organizations, but don't for many.
Whether or not one can obtain sufficient application/service instrumentation is also highly situationally-specific.
----------------------------------- Roland Dobbins <rdobb...@arbor.net> _______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
