More man-in-the-middle'd SSL sessions on the way
Jerrold Leichter
leichter_jerrold at emc.com
Fri Aug 8 10:18:17 EDT 2008
From an article about WAN optimization appliances in Computerworld:
In some markets, such as health and finance, [hiring] a managed
provider [who will do the encryption "outside" your routers] isn't a
good option for another reason: Because data is optimized in an
unencrypted state, privacy and security concerns arise. But vendors
such as Riverbed, Juniper Networks and Blue Coat Systems can serve as
a trusted "man in the middle" for optimizing data encrypted with SSL,
which is commonly used in applications with Web interfaces and other
Internet traffic. They terminate the encrypted session,
decrypt, optimize and then re-encrypt and forward the traffic.
[Gartner's Joe] Skorupa said most vendors are developing this
useful capability.
It may indeed be a useful capability - but widespread use will destroy
what little is left of the SSL trust model.
-- Jerry
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list