[cryptography] if MitM via sub-CA is going on, need a name-and-shame catalog (Re: really sub-CAs for MitM deep packet inspectors?)

Peter Gutmann pgut001 at cs.auckland.ac.nz
Fri Dec 2 08:24:53 EST 2011


Adam Back <adam at cypherspace.org> writes:

>[WAP wildcard certs]
>
>That is bad.  Are you saying there is anyone doing SSL mitm for stream
>compression reasons?  Who?

The use of wildard certs in WAP gateways came up from the SSL Observatory
work... hmm, there's at least a mention of it in "An Observatory for the
SSLiverse".

Peter.




More information about the cryptography mailing list