by toast0 243 days ago
> You're just creating a massive single point of failure and potentially massively weakening encryption.

It need not be a single point of failure. You can set these things up with redundancy. There's certainly an element of adding risk: your interception box is a big target to do unauthorized interception or tampering; but there's also an element of reducing risk --- you'd be potentially able to see and respond to traffic that would be opaque otherwise.

1 comments

> You can set these things up with redundancy

Yes, so instead of one box with the keys to decrypt all the traffic flowing through the network I'll have multiple boxes that have the ability to decrypt all the traffic. Multiple machines to update and secure and guard against those getting attacked or else everything gets broken.