There are already plenty of ways for enterprises to get around this, like having their own CA and deploying that as a trusted CA to their machines. Then they can issue certs that their proxies could use, and their machines would just trust those certs.
Why don't they just use that method?
Seems irresponsible to a layman like me.
More complex is to log the DH private key that is used and make that available to the middle box.
And as last resort, the server can just send all plain text to the middle box.
There is no such thing as one-size-fits-all security. The important thing, of course, is to make sure that such a feature cannot be turned on accidentally.
I don't know about EC, but in classical DH, if the server uses the same DH private key for all connections, then a client can detect that (by initiating multiple connections). So a paranoid client library can issue a warning.
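Added example, not written by any commenter in this thread: the client-side check described in the last comment, for the classical DHE case. It parses the ServerDHParams portion of TLS 1.2 ServerKeyExchange messages, assumed to have been captured from several handshakes to one server, and flags a repeated server public value Ys; the group parameters and messages are constructed for the demo.

```python
# Added example (not from the thread): flag a server that reuses its "ephemeral"
# DH exponent, which a client can observe as the same server public value Ys
# across several TLS 1.2 handshakes. Group and messages are constructed here.
import secrets
import struct
from collections import Counter

P = 2**127 - 1  # toy prime for the demo; a real server uses a large safe-prime group
G = 2

def parse_server_dh_params(body: bytes) -> dict:
    """Parse ServerDHParams (RFC 5246 section 7.4.3): p, g, Ys, each a uint16-length-prefixed vector."""
    fields, off = [], 0
    for _ in range(3):
        if off + 2 > len(body):
            raise ValueError("truncated ServerDHParams")
        (n,) = struct.unpack("!H", body[off:off + 2])
        off += 2
        if n == 0 or off + n > len(body):
            raise ValueError("bad vector length in ServerDHParams")
        fields.append(int.from_bytes(body[off:off + n], "big"))
        off += n
    p, g, ys = fields
    return {"p": p, "g": g, "Ys": ys}

def encode_server_dh_params(p: int, g: int, ys: int) -> bytes:
    """Inverse of the parser; used only to build the constructed sample messages."""
    def vec(v: int) -> bytes:
        b = v.to_bytes(max(1, (v.bit_length() + 7) // 8), "big")
        return struct.pack("!H", len(b)) + b
    return vec(p) + vec(g) + vec(ys)

def detect_static_dh(handshakes) -> list:
    """Return the Ys values that appear in more than one handshake to the same server."""
    counts = Counter(parse_server_dh_params(h)["Ys"] for h in handshakes)
    return [ys for ys, c in counts.items() if c > 1]

def simulate_server(n: int, static_exponent=None) -> list:
    """Build n ServerDHParams bodies; with static_exponent set, the server reuses one private key."""
    bodies = []
    for _ in range(n):
        x = static_exponent if static_exponent is not None else secrets.randbelow(P - 3) + 2
        bodies.append(encode_server_dh_params(P, G, pow(G, x, P)))
    return bodies

if __name__ == "__main__":
    print("honest server, repeated Ys:", detect_static_dh(simulate_server(5)))
    print("static-key server, repeated Ys:", detect_static_dh(simulate_server(5, static_exponent=0xC0FFEE)))
```

The same comparison works for an ECDHE server point or a TLS 1.3 key_share; only the parsing of the handshake message differs.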