[cryptography] really sub-CAs for MitM deep packet inspectors? (Re: Auditable CAs)

Nathan Loofbourrow njloof at gmail.com
Wed Nov 30 19:50:23 EST 2011

On Wed, Nov 30, 2011 at 4:47 PM, Rose, Greg <ggr at qualcomm.com> wrote:

> On 2011 Nov 30, at 16:44 , Adam Back wrote:
> > Are there really any CAs which issue sub-CA for "deep packet inspection"
> aka
> > doing MitM and issue certs on the fly for everything going through them:
> > gmail, hotmail, online banking etc.
> Yes, there are. I encountered one in a hotel at Charles de Gaulle airport
> a few weeks ago.

Yup. Boingo does this. Also, many employers.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20111130/0361b5f1/attachment.html>

More information about the cryptography mailing list