[cryptography] really sub-CAs for MitM deep packet inspectors? (Re: Auditable CAs)

ianG iang at iang.org
Tue Dec 6 06:43:44 EST 2011

On 6/12/11 21:52 PM, Florian Weimer wrote:
> * Adam Back:
>> Are there really any CAs which issue sub-CA for "deep packet inspection" aka
>> doing MitM and issue certs on the fly for everything going through them:
>> gmail, hotmail, online banking etc.
> Such CAs do exist, but to my knowledge, they are enterprise-internal CAs
> which are installed on corporate devices, presumably along with other
> security software.  Even from a vendor point of view, this additional
> installation step is desirable because it fits well with a per-client
> licensing scheme, so I'm not sure what the benefit would be to get a
> certificate leading to one of the public roots.

The promise of PKI in secure browsing is that it addresses the MITM.  
That's it, in a nutshell.  If that promise is not true, then we might as 
well use something else.

If the reality is that it simply makes the MITM a sellable feature, 
that's a breach of the promise.  If the situation is "we'll protect you 
from some MITMs and we'll sell other MITMs over you ..." it's a breach 
of the original terms that were foisted on browsing in the first place...

Now, this doesn't necessarily mean that some MITMs can't be justified.  
It's more that the original promise is what the users believe.  And 
exceptions like this aren't really tolerated in the beliefs of users.

So, we need that debate:  what's an exception?  what's tolerable?  
what's the point?

We need to see those MITM certs.  So we can understand what the nature 
of the breach is.


More information about the cryptography mailing list