undefined | Better HN

0 pointscbsmith7y ago0 comments

...and they want that for transparency, not for nefarious reasons.

0 comments

MITMing TLS outside the endpoints is inherently nefarious, whether they think it is or not.

If you want to compromise the endpoint, compromise the endpoint. Install your own MITM certificates and terminate the connection in the middle, or install client-side malware. Either way, there should always be a giant warning sign on the client that end-to-end security is compromised.

cbsmithOP7y ago

...and in this context they aren't compromising it. They're just sharing their keys so that another component, all part of the same trusted system, can also decrypt the traffic.

cesarb7y ago

Sharing the key allows more than just decryption; it also allows undetectable modification of the traffic. A protocol which allowed third-party decryption but not modification would have been designed differently.

1 more reply

cbsmithOP7y ago

They don't want to compromise the endpoint. They want to ensure they have a record of all communications to and from the endpoint.

funkymike7y ago

In order to implement ETS they already have to compromise the endpoint to make the TLS 1.3 implementation use static keys, right?

1 more reply

j / k navigate · click thread line to collapse

0 comments

JoshTriplett7y ago

MITMing TLS outside the endpoints is inherently nefarious, whether they think it is or not.

cbsmithOP7y ago

...and in this context they aren't compromising it. They're just sharing their keys so that another component, all part of the same trusted system, can also decrypt the traffic.

cesarb7y ago

1 more reply

cbsmithOP7y ago

They don't want to compromise the endpoint. They want to ensure they have a record of all communications to and from the endpoint.

funkymike7y ago

In order to implement ETS they already have to compromise the endpoint to make the TLS 1.3 implementation use static keys, right?

1 more reply

j / k navigate · click thread line to collapse