I was unable to find a write-up on how Untangle handles this, so if someone has one that would be great.
Since adding TLS 1.3 support, I was looking for some technical details on how Perfect Forward Secrecy (PFS) is being handled by the SSL inspector. Does Untangle terminate the SSL connection established by the client and establish a new SSL connection to the server? I am assuming this is how it would work, so from a client’s perspective, Untangle becomes the server, and from the original TLS 1.3 server’s perspective, Untangle would become the client. My concern would be, considering that Untangle would not just be inspecting the SSL traffic but terminating the connections, would this cause some performance impact from the higher resource requirements? Also, does Untangle 16.10 automatically disable the QUIC protocol when turning on the SSL inspector?