SANS Top 25 Epic Fail: CWE-319
Published Jan 19, 2009
Version 1.0Was this article helpful?
Termination or not, they're still going to have to decrypt to examine, which means they need access to the keys/certificates, which may mean (depending on the model of the solution) storing those keys/certs on a potentially insecure system.
I do agree that not needing to terminate is certainly a boon - there's less increase in latency when you aren't terminating.