Project

General

Profile

Actions
Copy link

Task #4123

open
VJ VJ

Task #4122: tracking: handle various TLS decrypt headers in proxies and decryption tools

Research: handle different flow tuples in TLS decrypt

Task #4123: Research: handle different flow tuples in TLS decrypt

Added by Victor Julien over 5 years ago. Updated 14 days ago.

Status:
In Progress
Priority:
Normal
Assignee:
Victor Julien
Target version:
TBD
Effort:
Difficulty:
Label:

Description

Decrypted TLS traffic with special headers indicating the original tuple (see for example #2513) poses a challenge wrt tuple handling.

Rules looking at IP addresses might not work as expected, ip and port vars may be off.

This could perhaps be handled similar to how encapsulation on the IP level is handled: by tracking both tuples separately.

PA Updated by Philippe Antoine almost 2 years ago Actions
Copy link
 #1

  • Assignee set to OISF Ticketbot
  • Target version set to TBD

JI Updated by Jason Ish 7 months ago Actions
Copy link
 #2

  • Assignee changed from OISF Ticketbot to OISF Dev

I don't think assigning to the ticket bot makes much sense.

VJ Updated by Victor Julien 14 days ago Actions
Copy link
 #3

  • Tracker changed from Feature to Task
  • Status changed from New to In Progress
  • Assignee changed from OISF Dev to Victor Julien
Actions
Copy link

Also available in: PDF Atom