Abstract

Today, most of the traffic that traverses the Internet is encrypted. Users (e.g., clients) and servers are able to exchange data securely using the Transport Layer Security (TLS) protocol. However, there will likely be one or more proxies in the path between a client and a server and those proxies are able to change some of the security parameters based on, for example, a network security policy. As a result, a client may not know exactly what is happening in the middle. To address these types of challenges, techniques are presented herein that support an extension to the handshake protocol that can request a ‘trace’ feature along a network path. All of the different TLS entities in the network can recognize the extension and add any changes that they are making to the upstream proposal. Advantages of the techniques presented herein include, among other things, helping to troubleshoot the TLS policy end-to-end.

Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 License.

Recommended Citation

McGrew, David; Kalahasti, Soumya; and Joseph, Vineeth, "TRANSPORT LAYER SECURITY PATH TRACER", Technical Disclosure Commons, (September 07, 2021)
https://www.tdcommons.org/dpubs_series/4574

Download

COinS

Technical Disclosure Commons

Defensive Publications Series

TRANSPORT LAYER SECURITY PATH TRACER

Abstract

Creative Commons License

Recommended Citation

Browse

Search

Submit

Additional Information

Technical Disclosure Commons

Defensive Publications Series

TRANSPORT LAYER SECURITY PATH TRACER

Inventor(s)

Abstract

Creative Commons License

Recommended Citation

Share

Browse

Search

Submit

Additional Information