[cryptography] really sub-CAs for MitM deep packet inspectors? (Re: Auditable CAs)

Peter Gutmann pgut001 at cs.auckland.ac.nz
Mon Dec 5 00:51:26 EST 2011


Sandy Harris <sandyinchina at gmail.com> writes:

>I am in China. How could I test whether the Great Firewall's packet sniffers
>have such a cert.?

I'd be kinda surprised if they did that because it's meant to be surreptitious
and the Great Firewall isn't exactly a state secret.  I'd just use the
Perspectives extension to warn me about odd things.

Oh heck, just run Perspectives anyway no matter what.  It's great for
overriding Firefox' pointless browser warnings.

Peter.



More information about the cryptography mailing list