From adam@cypherspace.org Fri Jul  6 02:41:31 2018
From: Adam Back <adam@cypherspace.org>
To: cypherpunks-legacy@lists.cpunks.org
Subject: [cryptography] trustwave admits issuing corporate mitm certs
Date: Fri, 06 Jul 2018 02:41:31 +0000
Message-ID:
 <172289271304.3881296.8489480491468157536.generated@mail.pglaf.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============6753066429907594371=="

--===============6753066429907594371==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

So it happened, per recent discussion on this list, it seems that at least
one CA *has* been issuing sub-CA certs for corporate use in mitm boxes.

http://www.infoworld.com/d/security/trustwave-admits-issuing-man-in-the-middl=
e-digital-certificate-185972

mozilla is threatening to remove the CA from their browser.  Trustwave says
they have/will revoke all these sub-CAs and will not issue any more.

They also claim in their defense that other CAs are doing this.

Adam
_______________________________________________
cryptography mailing list
cryptography(a)randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

----- End forwarded message -----
--=20
Eugen* Leitl <a href=3D"http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE



--===============6753066429907594371==--