On Wed, Dec 5, 2018 at 12:09 AM Bret Jordan <jordan.i...@gmail.com> wrote:
> Now this WG is finally starting to talk about a solution to a real problem > and need. We can either address the use case and need here in the IETF, or > we can let the solutions be done else where. I would personally prefer we > take this work item back and solve it here in the IETF. > [...] > > On Dec 5, 2018, at 1:18 AM, Tony Arcieri <basc...@gmail.com> wrote: > [...] > It seems like with an out-of-band escrow agent, the traffic secrets could > be escrowed with no changes to TLS. > > Note that the solution I was proposing here requires no changes to TLS. I am sure that there are many in the IETF who would be happy with people exploring solutions which don't require changes to TLS. Here are some others: - Endpoint agents (OSS - commercial options are also available): - https://osquery.io/ - https://www.bro.org/ (now Zeek) - https://wazuh.com/ - Encrypted traffic analytics: https://blogs.cisco.com/security/tls-version-1-3-change-is-here-and-encrypted-traffic-analytics-has-got-your-back -- Tony Arcieri
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls