Sep 21, 2018

[HDGEM] What is end-to-end encryption?

End-to-end encryption never decrypts traffic between the browser and web server.

When your web browser connects directly to a website using HTTPS, your connection is end-to-end encrypted. 

If the website is using a Cloud WAF or similar service that decrypts traffic to inspect it, your connection is not end-to-end encrypted because your traffic is decrypted at the cloud WAF, not at the website you are visiting.

Similarly if you are on an office network and the company is using an HTTPS interception product to secure the network, they are also decrypting your traffic before it reaches the destination. This is not end-to-end encryption.