[TLS] NIST on addressing visibility challenges with TLS 1.3
This will be of interest to some on this list. Quoting: “The NCCoE at NIST recognizes the challenges associated with compliance, operations, and security when enterprises employ encrypted protocols, in particular Transport Layer Security (TLS) 1.3, in their data centers. This project will use commercially available technologies to demonstrate a range of approaches for enabling necessary intra-enterprise access to unencrypted/decrypted information. “ More at https://www.nccoe.nist.gov/projects/building-blocks/applied-cryptography/addressing-visibility-challenges-tls-13 including how to participate. ___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
Re: [TLS] NIST on addressing visibility challenges with TLS 1.3
👀 On Tue, Sep 28, 2021, 12:54 PM Salz, Rich wrote: > This will be of interest to some on this list. Quoting: “The NCCoE at > NIST recognizes the challenges associated with compliance, operations, and > security when enterprises employ encrypted protocols, in particular > Transport Layer Security (TLS) 1.3, in their data centers. This project > will use commercially available technologies to demonstrate a range of > approaches for enabling necessary intra-enterprise access to > unencrypted/decrypted information. “ > > > > > > More at > https://www.nccoe.nist.gov/projects/building-blocks/applied-cryptography/addressing-visibility-challenges-tls-13 > including how to participate. > ___ > TLS mailing list > TLS@ietf.org > https://www.ietf.org/mailman/listinfo/tls > ___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
Re: [TLS] NIST on addressing visibility challenges with TLS 1.3
Hiya, On 28/09/2021 17:53, Salz, Rich wrote: This will be of interest to some on this list. Quoting: “The NCCoE at NIST recognizes the challenges associated with compliance, operations, and security when enterprises employ encrypted protocols, in particular Transport Layer Security (TLS) 1.3, in their data centers. This project will use commercially available technologies to demonstrate a range of approaches for enabling necessary intra-enterprise access to unencrypted/decrypted information. I'm glad I'm not a tax payer in a jurisdiction that's encouraging people to weaken the security properties this WG has tried hard to improve. I wonder do other parts of NIST sponsor work like that - it'd be a bit like [1] producing specs on how to get your thumb on the scales;-) From my perspective this kind of thing also makes it harder to figure out what overall evaluation to associate with the agency that produced AES, dual-ec, this stuff, and presumably some PQ alg "winners" in the near future. Quite the mixed bag that. Cheers, S. [1] https://www.nist.gov/pml/weights-and-measures More at https://www.nccoe.nist.gov/projects/building-blocks/applied-cryptography/addressing-visibility-challenges-tls-13 including how to participate. ___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls OpenPGP_0x5AB2FAF17B172BEA.asc Description: OpenPGP public key OpenPGP_signature Description: OpenPGP digital signature ___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
Re: [TLS] NIST on addressing visibility challenges with TLS 1.3
On Tue, Sep 28, 2021 at 2:32 PM Stephen Farrell wrote: > On 28/09/2021 17:53, Salz, Rich wrote: > > This will be of interest to some on this list. > I mean, maybe, but what's the list policy on this stuff? It just looks like conference spam to me. I'd guess the government folks on the list would already know about this NIST effort. > I'm glad I'm not a tax payer in a jurisdiction that's > encouraging people to weaken the security properties this > WG has tried hard to improve. > Unfortunately, I am such a taxpayer. thanks, Rob ___ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
