[cryptography] how many MITM-enabling sub-roots chain up to public-facing CAs ?

Thor Lancelot Simon tls at panix.com
Tue Feb 14 15:43:32 EST 2012


On Tue, Feb 14, 2012 at 09:35:45PM +0100, Ralph Holz wrote:
> 
> As Crossbear's assessment is not something everyday users will
> understand, we ourselves view Crossbear as the tool that, e.g., a
> travelling security afficionado/hacker/interested person might want to
> use, but not your average guy. Our goal is to find out how many Mitm
> actually happen, and how, and where. That's why Crossbear has this
> second component, the hunting tasks.

Interesting -- will this work, in the case of authorized MITM of the
network the client's on?  The second SSL connection will always fail,
since the MITM device will MITM it.  Perhaps there should be an option
to retrieve results separately and later?

Thor



More information about the cryptography mailing list