It's 2018, and network middleware still can't handle TLS without breaking encryption

An academic study published last month shows that, despite years' worth of research into the woeful state of network traffic inspection equipment, vendors are still struggling to ship appliances that do not break TLS encryption for the end user.

Encrypted traffic inspection devices (also known as middleware), either special-purpose hardware or sophisticated software, have been used in enterprise networks for more than two decades. System administrators deploy such appliances to create a man-in-the-middle TLS proxy that can look inside HTTPS-encrypted traffic, to scan for malware or phishing links, or to comply with law enforcement or national security requirements.

All such devices work in the same way: they run a TLS server on the internal network and a TLS client on the external network. The TLS server receives traffic from the user and decrypts the connection, the appliance inspects the plaintext, and the device then re-encrypts and relays the connection to the intended server through its own TLS client, which mimics the browser.
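The practical consequence of this split design is that the parameters a browser negotiates with the internal TLS server say nothing about what the appliance's own client negotiates with the real site, and the appliance may downgrade the protocol version, accept weak cipher suites, or skip certificate validation on the external leg. The following is an added example, not code from the article or from any vendor it discusses, that shows how an administrator can audit what a client actually ends up with: `probe()` collects the negotiated version, cipher suite and certificate issuer using only the standard-library `ssl` module, and `assess()` flags a legacy protocol, a weak suite, or an issuer that is not a known public CA (a private root pushed to endpoints is the usual sign that interception is in place). The sample records and the `KNOWN_PUBLIC_ISSUERS` list are constructed for illustration; a real deployment would compare against the certificate chain it expects for each site rather than a short allow-list of CA names.

```python
"""Audit the TLS parameters a client observes, with or without an
inspection appliance in the path.  Added example; assumes nothing about
any particular vendor's product."""
import socket
import ssl
import sys

# Protocol versions considered acceptable (names as returned by ssl.SSLSocket.version()).
ACCEPTABLE_VERSIONS = {"TLSv1.2", "TLSv1.3"}

# Substrings of OpenSSL cipher-suite names that indicate a weakened connection.
WEAK_CIPHER_MARKERS = ("RC4", "DES", "EXP", "NULL", "MD5", "ADH", "AECDH")

# Constructed allow-list of CA organisation names for this example only.
KNOWN_PUBLIC_ISSUERS = {"Let's Encrypt", "DigiCert Inc"}


def probe(host, port=443, timeout=5.0):
    """Connect to host with default certificate validation and return the
    negotiated parameters as seen from the client side of the connection."""
    ctx = ssl.create_default_context()
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            cert = tls.getpeercert()
            # getpeercert() returns issuer as a tuple of RDNs, each a tuple of (key, value) pairs.
            issuer = dict(rdn[0] for rdn in cert.get("issuer", ()))
            return {
                "version": tls.version(),
                "cipher": tls.cipher()[0],
                "issuer_cn": issuer.get("commonName", ""),
                "issuer_org": issuer.get("organizationName", ""),
            }


def assess(record, known_public_issuers):
    """Return a list of findings for one observed connection; an empty list
    means nothing in the record suggests a downgraded or intercepted session."""
    findings = []
    if record["version"] not in ACCEPTABLE_VERSIONS:
        findings.append("legacy protocol negotiated: %s" % record["version"])
    if any(marker in record["cipher"] for marker in WEAK_CIPHER_MARKERS):
        findings.append("weak cipher suite negotiated: %s" % record["cipher"])
    if record["issuer_org"] not in known_public_issuers:
        who = record["issuer_org"] or record["issuer_cn"]
        findings.append("certificate issued by %r, not a known public CA: "
                        "connection is being intercepted" % who)
    return findings


# Constructed sample: what a direct connection to a well-configured site looks like.
SAMPLE_DIRECT = {
    "version": "TLSv1.2",
    "cipher": "ECDHE-RSA-AES128-GCM-SHA256",
    "issuer_cn": "R3",
    "issuer_org": "Let's Encrypt",
}

# Constructed sample: a session terminated by a hypothetical inspection appliance
# that only offers TLS 1.0 with 3DES and signs with a private enterprise root.
SAMPLE_INTERCEPTED = {
    "version": "TLSv1",  # ssl reports TLS 1.0 as "TLSv1"
    "cipher": "DES-CBC3-SHA",
    "issuer_cn": "Example Corp Inspection CA",
    "issuer_org": "Example Corp",
}


if __name__ == "__main__":
    # Usage: python tls_audit.py example.com
    target = sys.argv[1] if len(sys.argv) > 1 else "example.com"
    for finding in assess(probe(target), KNOWN_PUBLIC_ISSUERS) or ["no findings"]:
        print(finding)
```

Running the audit from a workstation inside the network and again from outside it, against the same host, makes the appliance's contribution visible: any finding that appears only on the inside leg is introduced by the middleware, not by the destination site.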