[cryptography] really sub-CAs for MitM deep packet inspectors? (Re: Auditable CAs)
njloof at gmail.com
Wed Nov 30 19:50:23 EST 2011
On Wed, Nov 30, 2011 at 4:47 PM, Rose, Greg <ggr at qualcomm.com> wrote:
> On 2011 Nov 30, at 16:44 , Adam Back wrote:
> > Are there really any CAs which issue sub-CA for "deep packet inspection"
> > doing MitM and issue certs on the fly for everything going through them:
> > gmail, hotmail, online banking etc.
> Yes, there are. I encountered one in a hotel at Charles de Gaulle airport
> a few weeks ago.
Yup. Boingo does this. Also, many employers.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the cryptography