F5 Networks Response to US-CERT Alert (TA17-075A) HTTPS Interception Weakens TLS Security
F5 Networks Response to US-CERT Alert (TA17-075A) HTTPS Interception Weakens TLS Security
Summary
When properly configured, the F5 BIG-IP addresses nearly all the concerns, and avoids nearly al...
Published Apr 24, 2017
Version 1.0MegaZone
SIRT
Joined March 03, 2010
MegaZone
SIRT
Joined March 03, 2010
MegaZone
Apr 26, 2017SIRT
There are ongoing discussions about changing the defaults. The current defaults allow it to work 'out of the box' in most environments by being generous in what they accept, but that requires users to tighten the settings if they desire increased validation. However, the defaults are regularly reviewed and could be changed in future releases. Since it is a behavior change this would most likely be in a major release.