Timeline for Is encryption in transit distinct from end-to-end encryption?
Current License: CC BY-SA 4.0
9 events
| when toggle format | what | by | license | comment | |
|---|---|---|---|---|---|
| Feb 25, 2022 at 17:25 | comment | added | Barmar | I've updated the answer to explain this concept somewhat. | |
| Feb 25, 2022 at 17:24 | history | edited | Barmar | CC BY-SA 4.0 | added 509 characters in body |
| Feb 25, 2022 at 17:08 | comment | added | Barmar | I consider this just an "implementation detail", not much different from the type of database that's used. You have to pick your level of abstraction. | |
| Feb 25, 2022 at 17:04 | comment | added | schroeder♦ | ... so the LB is the "end"? There's simply no need to redefine and extend the term like this. It's not accurate and it only confuses the issues. TLS is not E2EE. | |
| Feb 25, 2022 at 16:57 | comment | added | Barmar | I'm treating all the equipment at the service provider end as a black box. So if there's a load balancer, that's conceptually part of the "server". | |
| Feb 25, 2022 at 16:50 | comment | added | schroeder♦ | But that's not E2E encryption. You can't claim that TLS is E2E by itself. See all my comments on the answer below. | |
| Feb 25, 2022 at 16:47 | comment | added | Barmar | I'm not sure what you mean. When you go to an HTTPS URL, the browser and server use TLS automatically, and that encrypts the communication. | |
| Feb 25, 2022 at 16:42 | comment | added | schroeder♦ | Your bank app example only holds if there are a lot of other controls to enforce the end-to-end nature of the encryption. You can't make that a blanket statement simply because TLS is in use. | |
| Feb 25, 2022 at 15:26 | history | answered | Barmar | CC BY-SA 4.0 |