Re: [TLS] Comments on draft-ietf-tls-sni-encryption-01.txt

2018-02-22 Thread R du Toit
I see at least 6 classes of "middlebox":

1. Inline corporate device (e.g. proxy); explicitly trusted by client through configuration.
2. Inline lawful intercept surveillance device; the client is not aware that it is "trusting" the device. (NOTE: I'm not commenting on whether this is ethical,

Re: [TLS] Comments on draft-ietf-tls-sni-encryption-01.txt

2018-02-22 Thread Christian Huitema
On 2/21/2018 3:31 PM, R du Toit wrote:
> I have analyzed the two mechanisms proposed in the draft, with specific focus on the impact of middleboxes.
>
> Assumptions:
>
> The middlebox is deployed inline, between the client and the fronting server, and is allowed to intercept TLS s