[cryptography] trustwave admits issuing corporate mitm certs
Adam Back
adam at cypherspace.org
Sun Feb 12 01:04:13 PST 2012
So it happened, per recent discussion on this list, it seems that at least
one CA *has* been issuing sub-CA certs for corporate use in mitm boxes.
http://www.infoworld.com/d/security/trustwave-admits-issuing-man-in-the-middle-digital-certificate-185972
mozilla is threatening to remove the CA from their browser. Trustwave says
they have/will revoke all these sub-CAs and will not issue any more.
They also claim in their defense that other CAs are doing this.
Adam
_______________________________________________
cryptography mailing list
cryptography at randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography
----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE
More information about the Testlist
mailing list