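% Internet-Draft, revision 00 (5 March 2018), recorded as "Work in Progress".
% The draft-fenter- name marks an individual submission, not a working-group
% document; Internet-Drafts are not standards and expire, so cite the pinned
% revision URL below rather than the unversioned draft name.
% Reviewer context: the abstract speaks of TLS 1.3 at draft 26. TLS 1.3 has
% since been published as RFC 8446, which does not include the RSA key exchange
% that the abstract expects to be deprecated. Read this entry as a statement of
% the enterprise monitoring use case, not as current protocol guidance.
% Data clean-up: author is stored as "Last, First", and the title protects only
% the acronym instead of double-bracing the whole string.
@techreport{fenter-tls-decryption-00,
  author      = {Fenter, Steve},
  title       = {Why Enterprises Need Out-of-Band {TLS} Decryption},
  type        = {Internet-Draft},
  number      = {draft-fenter-tls-decryption-00},
  institution = {Internet Engineering Task Force},
  publisher   = {Internet Engineering Task Force},
  year        = 2018,
  month       = mar,
  day         = 5,
  pagetotal   = 21,
  url         = {https://datatracker.ietf.org/doc/draft-fenter-tls-decryption/00/},
  note        = {Work in Progress},
  abstract    = {Some enterprises are heavily TLS encrypted within their own enterprise network boundaries. Many of these enterprises are also utilizing out-of-band TLS decryption in order to inspect their own traffic for purposes of troubleshooting, network security monitoring, and for other kinds of monitoring. These monitoring functions are mission critical, and cannot just be done without when TLS 1.3 (draft-ietf-tls-tls13-26) is released or when the RSA key exchange is someday deprecated from TLS 1.2 (RFC5246). This draft will outline the use cases for out-of-band TLS decryption, as well as alternative suggestions for monitoring and troubleshooting and the limitations of those alternatives.},
}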