[cryptography] really sub-CAs for MitM deep packet inspectors? (Re: Auditable CAs)

cgp 3cg cgp3cg at gmail.com
Mon Dec 5 06:26:15 EST 2011


> In general it looks like it's a mixture of "it's configurable" and "it depends
> on the vendor" (the above only tells you what Bluecoat do).  Interesting to
> note that the Bluecoat hardware has problems MITM-ing Windows Update, because
> Microsoft apply the quite sensible measure of only allowing something signed
> by a known Windows Update cert (or at least on a Microsoft-supplied trust
> list), rather than any old cert that turns up as long as it's signed by some
> CA somewhere.  I've heard of a similar approach proposed for smartphone mobile
> banking apps, you hardcode in a cert that's used to verify a whitelist of
> known-good certs for banks (more or less like Microsoft's CTLs), and then it
> doesn't matter what certs the CAs sign because if it's not on the CTL then it
> doesn't get trusted.

Sounds similar to the mechanism which allowed detection of the
DigiNotar breach by Chrome:

http://googleonlinesecurity.blogspot.com/2011/08/update-on-attempted-man-in-middle.html

Two major players using certificate pinning to provide additional
security where CAs let us down. There may just be a lesson in there
...

-C



More information about the cryptography mailing list