This profile is standardised in TS 103 523-2. This is a 2-sided fine grained MSP profile. It allows the application to separate its data into different contexts and can control the permission granted to the middlebox on a per-context basis. This allows the application to restrict the permissions granted to the middlebox to the minimum deemed necessary by the application.
ETSI MSP-OpenSSL library
The library is currently in development. For contributors, the to-do list can be found here.
ETSI MSP-OpenSSL demonstrator
There are currently 3 demonstrator programs contained within the OpenSSL library, located in the evaluations\demonstrations folder. These pages detail the program itself and the sample output
Demo 1 - This demonstrates the setup of a session using a single context and a middlebox authorised to see the content.
Demo 2 - This demonstrated the establishment of a session with multiple contexts to demonstrate how access to certain contexts can be restricted.
Demo 3 - This demonstrates the sending and receiving of data is end-to-end encrypted and that a middlebox does not need to re-encrypt data (unless it is authoring new content).