Earlier in the discussion there were questions about why a service provider would want to MITM their customers. This has now been answered by a service provider: It's to protect the chiiiiildren. From http://patrick.seurre.com/?p=42 Three's policy with regards to filtering is intended to ensure that children are protected from inappropriate content when using the internet on their phones [...] This is not about intercepting customer communications but is about the safety of children who use our network. Note that while they're using Bluecoat hardware to do it, there's no mention of SSL MITM'ing. Another interesting point in the post: In addition I asked Three why they were wasting money on Bluecoat's services when any webmaster worth his salt knows how to tailor the webpage provided based on the IP address of the PC making the request. They could produce a page full of innocent images for Bluecoat when they come calling, but save all the unsavoury material for the .real. visitor. This is already standard practice for malware-laden sites, to the extent that it's severely affecting things like Google Safe Browsing and Facebook's link scanner, because Google and Facebook always get to see benign content and only the end user gets the malware. Peter. _______________________________________________ cryptography mailing list cryptography@randombit.net http://lists.randombit.net/mailman/listinfo/cryptography ----- End forwarded message ----- -- Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org ______________________________________________________________ ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org 8B29F6BE: 099D 78BA 2FD3 B014 B08A 7779 75B0 2443 8B29 F6BE