Contrib.social

What use case does this cover?

Open on Drupal.org β†’
Created on 6 February 2025, 17 days ago

I wasn't sure myself so I presented this to a number of people and the general response was we couldn't work out what this was for. Could you present a really obvious example where E2E encryption or TLS is already involved/expected and this would be required?

πŸ’¬ Support request
Status

Active

Version

1.0

Component

Documentation

Created by

πŸ‡¬πŸ‡§United Kingdom niklp Nottingham

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

  • Issue created by @niklp
  • Comment 16 days ago β†’
    πŸ‡ΈπŸ‡¦Saudi Arabia mesharideb

    I get the confusion,, while obviously TLS is the GOAT of securing data in transit, CSE adds that extra layer of protection, especially in more complex, enterprise environments. some use cases where it can be beneficial

    - Protection After TLS Termination
    When TLS terminates at load balancers or proxies, sensitive data becomes visible within internal networks. CSE ensures data stays encrypted beyond these points, protecting against internal network sniffing or potential MiTM attacks.

    - Mitigating Insider Threats
    - Compliance, Defense-in-Depth, Zero Trust Architecture

    And btw, this is not E2E encryption since the server still decrypts the data (:

  • Comment 16 days ago β†’
    πŸ‡ΈπŸ‡¦Saudi Arabia mesharideb
  • Comment 2 days ago β†’
    System Message

    Automatically closed - issue fixed for 2 weeks with no activity.

contrib.social Blog FAQ Discussions
Production build 0.71.5 2024