> On 15 Mar 2018, at 10:53, Ion Larranaga Azcue <ila...@s21sec.com> wrote: > > I fail to see how the current draft can be used to provide visibility to an > IPS system in order to detect bots that are inside the bank… > > On the one hand, the bot would never opt-in for visibility if it’s trying to > exfiltrate data…
The presumption is that any legitimate application would opt-in, so the IPS blocks any TLS connection that does not opt in.
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ TLS mailing list TLS@ietf.org https://www.ietf.org/mailman/listinfo/tls
