Re: An Improved Framework for Incident Handling

From: S Moonesamy <sm+mu_at_elandsys.com>
Date: Tue, 31 Mar 2015 07:03:20 -0700

Hi Logan, Ish,
At 23:45 30-03-2015, Loganaden Velvindron wrote:
>However, has there been an analysis as to how it impacts security ?
>
>If the box strips SSL layer to analyse the contents, then it might
>lead to SSL downgrade attacks. So no matter how strong I beef the SSL
>security on my server in Europe, or the US, The content filtering box
>will (silently) downgrade to a lower cipher and make make "secure" SSL
>connection less secure. This is surprisingly common.
>
>So by trying to solve a problem, they introduce another problem. I
>think that there needs to be more "check and balance". Before
>introducing solutions like this, they should seek input from the local
>ICT and Internet Community.

At 10:00 30-03-2015, Ish Sookun wrote:
>I am not that much comfortable with an ISP or the Government
>monitoring Internet traffic of free citizens of a country. I do not
>pay my ISP to peek into my searches.

Have you tried discussing about the above with the Chair of the ICT
Advisory Council? The person may be able to help.

Regards,
S. Moonesamy
Received on Tue Mar 31 2015 - 14:03:43 PST

This archive was generated by hypermail 2.3.0 : Tue Mar 31 2015 - 14:09:04 PST