1 回答
- 最新
- 投票最多
- 评论最多
0
What I do know is that any traffic from the ALB to a target that is using SSL doesn’t strictly follow SSL standards.
The alb does not care if it connects to a target that’s running a self signed cert or a cert that’s expired.
That said you will never know if there’s a “man in the middle”
However, the information you have found regarding vpc traffic encryption is true which is transparent.
If it’s really a concern then end to end encryption may be needed to meet certain controls and standards. That’s I guess a business decision.
Not sure if that helps answer your question.
相关内容
- AWS 官方已更新 2 年前
- AWS 官方已更新 7 个月前
- AWS 官方已更新 2 年前
"However, the information you have found regarding vpc traffic encryption is true which is transparent.", sure, but is AWS encrypting with the Caesar cipher, or are they doing something else? AWS seems confident in their encryption enough to tell users that it exists, so, they should make us confident in their encryption by telling us how it works.