Out of Band Decryption in TLS 1.3.
Forward Secrecy in TLS 1.3 makes network communications more secure but also renders traditional out-of-band, man-in-the-middle and decryption at cloud-scale untenable. The intent of the new TLS 1.3 standard is that, if you want to inspect and monitor traffic, you must do so at the endpoints because everything else is locked down with new, stronger ciphers, rapidly rotating "ephemeral" keys and certificate encryption.
This paper explains the challenges posed by forward secrecy in TLS 1.3, the reasons traditional MITM and out of band solutions don't work and breaks down a new architecture developed by Nubeva for you to consider to regain visibility while adopting aggressive encryption practices for security.
Learn More about Cloud Decryption Here.