Hello Team, I am wondering how exactly the Inbound Inspection with PFS works? Diffie-Hellman per definition has the functionality that a key agreement is happening without transfering the key through the "unsecure" channel. All passively listening instances are not able to determine (calculate) the key used for the encryption. Well with this information ahead and the knowledge that inbound inspection is not using a proxy functionality, there is one question left for me. How does the firewall gain the key for the encryption with PFS? Thanks!
... View more