[cryptography] really sub-CAs for MitM deep packet inspectors? (Re: Auditable CAs)

Nathan Loofbourrow njloof at gmail.com
Wed Nov 30 19:50:23 EST 2011


On Wed, Nov 30, 2011 at 4:47 PM, Rose, Greg <ggr at qualcomm.com> wrote:

> On 2011 Nov 30, at 16:44 , Adam Back wrote:
>
> > Are there really any CAs which issue sub-CA for "deep packet inspection"
> aka
> > doing MitM and issue certs on the fly for everything going through them:
> > gmail, hotmail, online banking etc.
>
> Yes, there are. I encountered one in a hotel at Charles de Gaulle airport
> a few weeks ago.


Yup. Boingo does this. Also, many employers.

n
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.randombit.net/pipermail/cryptography/attachments/20111130/0361b5f1/attachment.html>


More information about the cryptography mailing list