On Tue, 23 Jul 2002, Adam Back wrote: [...]
However, it is possible for the proxy to have its own CA which has been added to your browser. Then it acts as a man in the middle and pretends to be the remote host to you, and vice versa. In that case, it works as you describe, watching the data during its interim decryption.
While it's _possible_ to do this, I've never heard of a server hosted application that advertises that it's doing this. I would think it would be quite hard to get a CA to issue you a certificate if this is what you intended to do with it (act as a general MITM on SSL connections you proxy). [...]
I don't know of any other real-world examples. Rescorla mentions the technique on pp. 316-319 of "SSL and TLS". Certainly Thawte isn't going to issue such wildcard certs, for exactly the reasons you mention. That's why you (or your government, or company, or whoever keeps an eye on you) create your *own* CA and tell your browser to trust it. Then it'll accept the wildcard certs without complaint. -J