Elaborate on endpoint security complications?

echdeploy / draft-ech-deployment-considerations

IETF draft describing TLS ECH deployment considerations

Other

4 stars 1 forks source link

Elaborate on endpoint security complications? #30

Open taddhar opened 1 year ago

taddhar commented 1 year ago

as {{I-D.draft-taddei-smart-cless-introduction}} as well as {{MAGECART}} {{MITB}} {{MITB-MITRE}} {{MALVERTISING}} showed that in some cases, the only way to detect an attack is through the use of network-based security. The loss of visibility of the SNI data will make it much harder to detect attacks. The endpoints components (operating system, applications, browsers, etc.) cannot be judge and party.

taddhar commented 1 year ago

Perhaps we should have a look for -06 including from the DNS session of 15th of May with Paul Vixie, etc.

Refer to @PascalPaisant email

taddhar commented 11 months ago

This is a point of view that should be better represented:

if you exhausted all possibilites to protect from the network, can you do it on the endpoint
if yes, what are the other implications, +, -, limits
The IAB will provide a document that shows that scanning (filtering?) should not be done on the endpoint either!! So we do have a growing problem in this area too.

Note: this would leave malware roaming in the network ...