TLS 1.3 Impact on Network-Based Security
draft-camwinget-tls-use-cases-05
| Document | Type | Expired Internet-Draft (individual) | |
|---|---|---|---|
| Authors | Flemming Andreasen , Nancy Cam-Winget , Eric Wang | ||
| Last updated | 2020-01-09 (latest revision 2019-07-08) | ||
| Stream | (None) | ||
| Intended RFC status | (None) | ||
| Formats |
Expired & archived
pdf
htmlized (tools)
htmlized
bibtex
|
||
| Stream | Stream state | (No stream defined) | |
| Consensus Boilerplate | Unknown | ||
| RFC Editor Note | (None) | ||
| IESG | IESG state | Expired | |
| Telechat date | |||
| Responsible AD | (None) | ||
| Send notices to | (None) | ||
https://www.ietf.org/archive/id/draft-camwinget-tls-use-cases-05.txt
Abstract
Network-based security solutions are used by enterprises, public sector, and cloud service providers today in order to both complement and enhance host-based security solutions. TLS 1.3 introduces several changes to TLS 1.2 with a goal to improve the overall security and privacy provided by TLS. However some of these changes have a negative impact on network-based security solutions and deployments that adopt a multi-layered approach to security. While this may be viewed as a feature, there are several real-life use case scenarios where the same functionality and security can not be offered without such network-based security solutions. In this document, we identify the TLS 1.3 changes that may impact such use cases.
Authors
Flemming Andreasen
(fandreas@cisco.com)
Nancy Cam-Winget
(ncamwing@cisco.com)
Eric Wang
(ejwang@cisco.com)
(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)