6 May
2016
6 May
'16
1:47 a.m.
A “TLS Proxy” short-circuits the security of TLS/SSL connections so it can do deep-packet inspection on encrypted connections. This kind of thing always seemed dodgy. And now it turns out that is so for good reason: these devices are full of holes <http://www.theregister.co.uk/2016/05/05/tls_proxies_are_insecure/>. The paper mentioned there concentrated on consumer/retail devices. But it’s unlikely ones designed for business/enterprise use are going to fare any better...