[cryptography] really sub-CAs for MitM deep packet inspectors? (Re: Auditable CAs)

dan at geer.org dan at geer.org
Tue Dec 6 18:11:14 EST 2011

 > This is already standard practice for malware-laden sites, to
 > the extent that it's severely affecting things like Google Safe
 > Browsing and Facebook's link scanner, because Google and Facebook
 > always get to see benign content and only the end user gets the
 > malware.

This is the single greatest side effect of a personalized
web -- what you see depends on who you are.  Like that is
good or something.


More information about the cryptography mailing list