[cryptography] really sub-CAs for MitM deep packet inspectors? (Re: Auditable CAs)

James A. Donald jamesd at echeque.com
Mon Dec 5 03:14:32 EST 2011


On 2011-12-05 14:58, Sandy Harris wrote:
> Peter Gutmann<pgut001 at cs.auckland.ac.nz>  wrote:
>
>> You have to be inside the captive portal to see these blue-pill certs.  This
>> is why various people have asked for samples, because only a select lucky few
>> will be able to experience them in the wild.
>
> I am in China. How could I test whether the Great Firewall's packet
> sniffers have such a cert.?
> _______________________________________________
> cryptography mailing list
> cryptography at randombit.net
> http://lists.randombit.net/mailman/listinfo/cryptography

If you are in China, you probably have a vpn through the great firewall 
into a tax haven.  If you have software that detects change in certs, 
login with and without your vpn.



More information about the cryptography mailing list