
eTLS - a deliberately weakened European TLS standard - weinzierl
https://www.etsi.org/news-events/news/1358-2018-11-press-etsi-releases-standards-for-enterprise-security-and-data-centre-management
======
weinzierl
Heise has a good coverage but only in German. Here is a link to the auto-
translated version, which is not too bad:

[https://translate.google.com/translate?sl=auto&tl=en&js=y&pr...](https://translate.google.com/translate?sl=auto&tl=en&js=y&prev=_t&hl=en&ie=UTF-8&u=https%3A%2F%2Fwww.heise.de%2Fsecurity%2Fmeldung%2FVerschluesselung-
Europaeischer-Abhoer-Standard-veroeffentlicht-4220967.html&edit-text=&act=url)

Here are the main points, quoted from the auto-translation:

Encryption: European interception standard published

ETSI standardizes with eTLS a crippled version of the Internet standard TLS,
with which companies can monitor their data traffic - for now at least.

The "Technical Committee CYBER" of the European Telecommunications Standards
Institute (ETSI) has now standardized a variant of the new protocol, TLS 1.3.
eTLS - short for Enterprise TLS - should allow data center operators to meet
their obligations to secure their networks, it is said in the message to TS
103 523-3 . In fact, it is a deliberate weakening of the Transport Layer
Security (TLS) encryption standard. It makes it possible to provide duplicate
keys with which the securely transmitted data can be decrypted by third
parties.

~~~
type0
One might think that "e" in eTLS stands for eavesdroping.

