28 May
2018
28 May
'18
12:33 p.m.
On Mon, May 28, 2018 at 10:50 AM, Andrey Khomyakov <khomyakov.andrey@gmail.com> wrote:
My understanding is that some enterprises do decrypt traffic in flight with proxies such as bluecoat, though I'm not sure on the particulars of how that works.
PCs within the enterprise contain an enterprise-local root in their certificate store. The proxy re-encrypts using a key whose ephemeral cert chains up to the enterprise root. Regards, Bill Herrin -- William Herrin ................ herrin@dirtside.com bill@herrin.us Dirtside Systems ......... Web: <http://www.dirtside.com/>