
As someone (thankfully) not in the loop with these enterprise tools, what exactly is the issue? How did it work before (and what has changed)?

Can't enterprises just MITM the traffic and sign it with a CA the clients trust? What's the benefit of the previous solutions?

By way of example: TLS 1.3 eliminated the RSA key exchange, which breaks passive decryption of TLS, which was a common enterprise security technique.
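The key-exchange point above, as an added toy illustration that is not from this thread: with the TLS 1.2 RSA key exchange the server's long-term private key decrypts the recorded premaster, while with TLS 1.3-style ephemeral DH the same key only signs the transcript and recovers nothing. The RSA key and DH group are constructed and insecure by design; real TLS uses X25519/P-256 with proper padding.

```python
import hashlib
import secrets

# Constructed toy RSA key (p=61, q=53): n=3233, e=17, d=2753. Insecure on purpose.
RSA_N, RSA_E, RSA_D = 3233, 17, 2753
# Constructed toy DH group (2**127-1 is prime); real TLS 1.3 uses X25519, P-256, etc.
DH_P, DH_G = 2**127 - 1, 5


def toy_rsa_handshake(premaster):
    """TLS 1.2 RSA key exchange: the client encrypts the premaster to the server's
    long-term public key. The ciphertext is what a passive observer records."""
    ciphertext = pow(premaster, RSA_E, RSA_N)
    server_secret = pow(ciphertext, RSA_D, RSA_N)
    return {"wire": ciphertext, "server_secret": server_secret}


def toy_dhe_handshake():
    """TLS 1.3 (EC)DHE: each side picks a one-shot exponent; the long-term key only
    signs the transcript so the client can authenticate the server's share."""
    a = secrets.randbelow(DH_P - 2) + 1
    b = secrets.randbelow(DH_P - 2) + 1
    share_a, share_b = pow(DH_G, a, DH_P), pow(DH_G, b, DH_P)
    transcript = hashlib.sha256(f"{share_a}:{share_b}".encode()).digest()
    signature = pow(int.from_bytes(transcript, "big") % RSA_N, RSA_D, RSA_N)
    assert pow(share_a, b, DH_P) == pow(share_b, a, DH_P)  # both sides agree
    # a and b are dropped when this function returns, as a real stack must do
    return {"wire": (share_a, share_b, signature), "server_secret": pow(share_a, b, DH_P)}


def passive_decrypt_rsa(wire, server_private_d):
    """Observer holding the server's private key recovers the premaster from a capture."""
    return pow(wire, server_private_d, RSA_N)


def passive_decrypt_dhe(wire, server_private_d):
    """Same observer, same private key, TLS 1.3-style exchange: nothing on the wire is
    encrypted to the long-term key, so server_private_d is of no use here. The most
    the observer can do is verify (with the public key) that the shares are authentic."""
    share_a, share_b, signature = wire
    transcript = hashlib.sha256(f"{share_a}:{share_b}".encode()).digest()
    authentic = pow(signature, RSA_E, RSA_N) == int.from_bytes(transcript, "big") % RSA_N
    return {"authentic": authentic, "recovered_secret": None}


if __name__ == "__main__":
    rsa = toy_rsa_handshake(premaster=1234)
    print("RSA kx, premaster recovered:", passive_decrypt_rsa(rsa["wire"], RSA_D))
    dhe = toy_dhe_handshake()
    print("DHE kx, observer result:", passive_decrypt_dhe(dhe["wire"], RSA_D))
```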


Hmm, thanks. But that only works when the passive eavesdropper has the server private key (right?). That seems quite limiting if you want to have "visibility" into network traffic?

I don't really understand the full picture / use case here. Is it only for internal traffic, or is it used in combination with some other more active MITM method to act as the server even for e.g. gmail.com?


Yes.


> Can't enterprises just MITM the traffic and sign it with a CA the clients trust?

This is what Zscaler is doing. I know because my company was (unfortunately) using this.


> ZScaler

Awful company with 0 protections against being abused. They can't handle stopping a DDoS originating from their service; I can't imagine them being trustworthy for a full MiTM.


As far as I understand, the issue is Encrypted Client Hello.

> Can't enterprises just MITM the traffic and sign it with a CA the clients trust? What's the benefit of the previous solutions?

This won't work with cert pinning and is also a lot more expensive.


Boo-hoo?

If it's not your endpoint then it's not yours to intercept and analyze?


Did you miss the part where it says “enterprise”?


I certainly can't see the part where saying "enterprise" should grant me the right to intercept and analyse someone's traffic.
