nanog mailing list archives

Re: Impacts of Encryption Everywhere (any solution?)

From: William Herrin <bill () herrin us>
Date: Mon, 28 May 2018 12:33:37 -0400

On Mon, May 28, 2018 at 10:50 AM, Andrey Khomyakov
<khomyakov.andrey () gmail com> wrote:

My understanding is that some enterprises do decrypt traffic in flight with
proxies such as bluecoat, though I'm not sure on the particulars of how
that works.


PCs within the enterprise contain an enterprise-local root in their
certificate store. The proxy re-encrypts using a key whose ephemeral
cert chains up to the enterprise root.

Regards,
Bill Herrin



-- 
William Herrin ................ herrin () dirtside com  bill () herrin us
Dirtside Systems ......... Web: <http://www.dirtside.com/>

Current thread:

Impacts of Encryption Everywhere (any solution?) Mike Hammett (May 28)
- Re: Impacts of Encryption Everywhere (any solution?) 1 651-307-9043 (May 28)
- Re: Impacts of Encryption Everywhere (any solution?) Andrey Khomyakov (May 28)
  - Re: Impacts of Encryption Everywhere (any solution?) Mike Hammett (May 28)
  - Re: Impacts of Encryption Everywhere (any solution?) William Herrin (May 28)
- Re: Impacts of Encryption Everywhere (any solution?) Rich Kulawiec (May 28)
  - Re: Impacts of Encryption Everywhere (any solution?) Filip Hruska (May 28)
  - Re: Impacts of Encryption Everywhere (any solution?) Mike Hammett (May 28)
    - Re: Impacts of Encryption Everywhere (any solution?) nanog (May 28)
    - Re: Impacts of Encryption Everywhere (any solution?) Mike Hammett (May 28)
    - RE: Impacts of Encryption Everywhere (any solution?) Keith Medcalf (May 28)
    - Re: Impacts of Encryption Everywhere (any solution?) Rubens Kuhl (May 28)
    - Re: Impacts of Encryption Everywhere (any solution?) Mike Hammett (May 30)
- Re: Impacts of Encryption Everywhere (any solution?) Grant Taylor via NANOG (May 28)
  - Re: Impacts of Encryption Everywhere (any solution?) Matt Erculiani (May 28)

(Thread continues...)