Re: [cryptography] really sub-CAs for MitM deep packet inspectors? (Re: Auditable CAs)
Ondrej Mikle <ondrej.mikle@nic.cz> writes:
How do MitM boxes react when they MitM connection to a server with self-signed cert (or cert issued by an obscure CA not trusted by MitM box)?
For one example, see http://wikileaks.org/spyfiles/docs/bluecoat/219_blue-coat-systems-reference-... and http://wikileaks.org/spyfiles/docs/bluecoat/246_blue-coat-systems-deployment.... In general it looks like it's a mixture of "it's configurable" and "it depends on the vendor" (the above only tells you what Bluecoat do). Interesting to note that the Bluecoat hardware has problems MITM-ing Windows Update, because Microsoft apply the quite sensible measure of only allowing something signed by a known Windows Update cert (or at least on a Microsoft-supplied trust list), rather than any old cert that turns up as long as it's signed by some CA somewhere. I've heard of a similar approach proposed for smartphone mobile banking apps, you hardcode in a cert that's used to verify a whitelist of known-good certs for banks (more or less like Microsoft's CTLs), and then it doesn't matter what certs the CAs sign because if it's not on the CTL then it doesn't get trusted.
Given the state of security/auditing of "private sub-CAs" as described, was there ever a report of a breach (e.g. stolen key, fraudulently issued certs)?
You're joking, right?

Peter.
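The trust-list approach described in the message above, sketched as an added example (not code from the original post, Microsoft, or any vendor): the client accepts a server certificate only if its fingerprint appears on a list that verifies under a key built into the app, so a certificate minted by an interception box is rejected no matter which CA signed it. The list format (one hex SHA-256 fingerprint per line), the raw Ed25519 key standing in for the hardcoded cert, and all function names are assumptions made for illustration.

```go
package main

import (
	"crypto/ed25519"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
	"strings"
)

// Fingerprint returns the hex SHA-256 of a certificate's DER encoding.
func Fingerprint(der []byte) string {
	sum := sha256.Sum256(der)
	return hex.EncodeToString(sum[:])
}

// CheckServerCert accepts der only if list verifies under the pinned key and
// contains the certificate's fingerprint. CA signatures play no part in the decision.
func CheckServerCert(pinned ed25519.PublicKey, list, sig, der []byte) error {
	if !ed25519.Verify(pinned, list, sig) {
		return errors.New("trust list signature invalid")
	}
	want := Fingerprint(der)
	for _, fp := range strings.Fields(string(list)) {
		if fp == want {
			return nil
		}
	}
	return errors.New("certificate not on trust list")
}

// Demo runs the check on constructed data; byte strings stand in for DER certificates.
func Demo() (bankErr, proxyErr, forgedErr error) {
	pub, priv, _ := ed25519.GenerateKey(nil) // pub plays the key hardcoded in the app
	bank := []byte("constructed DER: the bank's real certificate")
	proxy := []byte("constructed DER: CA-signed certificate minted by an intercepting proxy")
	list := []byte(Fingerprint(bank) + "\n")
	sig := ed25519.Sign(priv, list)
	// A list rewritten to include the proxy's cert cannot be re-signed without priv.
	forged := []byte(Fingerprint(proxy) + "\n")
	return CheckServerCert(pub, list, sig, bank), CheckServerCert(pub, list, sig, proxy), CheckServerCert(pub, forged, sig, proxy)
}

func main() {
	fmt.Println(Demo())
}
```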