Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

> How exactly do NULL ciphers accomplish enterprise monitoring goals?

I don't understand how this isn't obvious. Unencrypted means it is monitorable.



The presence of an insecure ciphersuite in the TLS standard does not in fact imply the ability of a middlebox to force that ciphersuite; that's kind of the whole point of the TLS protocol. So, I ask again.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: