"For encrypted networks, [the owner of the network] MITMing the encryption breaks the security."
What security, specifically. Security from who/what.
Let's say a network owned by C comprises computer A and computer B, A is connected to B and B is connected to the internet.
Computer A runs "apps" controlled by D and not trusted by C. B runs only programs trusted by C.
Both A and B, i.e., the programs runing on them, are each capable of encrypting traffic.
Let's say the approach C takes on C's network is to let B handle encryption. Not A.
The apps running on Computer A want to encrypt traffic but, in C's opinion, that "security" is for the benefit of D not C.
Computer B encrypts all traffic bound for the internet and decrypts all traffic received from the internet. C does not need D's apps to perform encryption.
It is C's network. Is there a reason C should not control encryption on C's own network.
Is there a reason D should be able to run its "apps" on C's network and encrypt traffic that D cannot inspect.
Would D allow C to run programs on D's network that encrypt traffic so that D cannot inspect it. (Reciprocity.)
One could imagine the encryption by D's apps running on Computer A is security against D, the owner of the network.
Any other "security" provided by D's apps encrypting traffic on A is already provided by B.
(Given the existence of B, encryption by A is unnecessary and redundant.)
What security, specifically. Security from who/what.
Let's say a network owned by C comprises computer A and computer B, A is connected to B and B is connected to the internet.
Computer A runs "apps" controlled by D and not trusted by C. B runs only programs trusted by C.
Both A and B, i.e., the programs runing on them, are each capable of encrypting traffic.
Let's say the approach C takes on C's network is to let B handle encryption. Not A.
The apps running on Computer A want to encrypt traffic but, in C's opinion, that "security" is for the benefit of D not C.
Computer B encrypts all traffic bound for the internet and decrypts all traffic received from the internet. C does not need D's apps to perform encryption.
It is C's network. Is there a reason C should not control encryption on C's own network.
Is there a reason D should be able to run its "apps" on C's network and encrypt traffic that D cannot inspect.
Would D allow C to run programs on D's network that encrypt traffic so that D cannot inspect it. (Reciprocity.)
One could imagine the encryption by D's apps running on Computer A is security against D, the owner of the network.
Any other "security" provided by D's apps encrypting traffic on A is already provided by B.
(Given the existence of B, encryption by A is unnecessary and redundant.)