[cryptography] really sub-CAs for MitM deep packet inspectors? (Re: Auditable CAs)

[Peter Gutmann]

Adam Back <adam at cypherspace.org> writes:

>Start of the thread was that Greg and maybe others claim they've seen a cert
>in the wild doing MitM on domains the definitionally do NOT own.

It's not just a claim, I've seen them too.  For example I have a cert issued
for google.com from such a MITM proxy.  I was asked by the contributor not to
reveal any details on it because it contains the name and other info on the
intermediate CA that issued it, but it's a cert for google.com used for deep
packet inspection on a MITM proxy.  I also have a bunch of certs from private-
label CAs that chain directly up to big-name public CAs, there's no technical
measure I can see in them anywhere that would prevent them from issuing certs
under any name.

(An unfortunate effect of the private-label CAs is that they contain
identifying information on the organisation that uses them, something I hadn't
considered in my "post them to the list" request, and publishing them would
publicly out your employer or organisation as doing this.  So I'll modify my
"post to the list" to "email them to me in private" :-).

>The real question again is can we catch a boingo or corp lan or government
>using a MitM sub-CA cert, and then we'll know which CA is complicit in issuing
>it, and delist them.

Given that some of the biggest CAs around sell private-label CA certs, you'd
end up shutting down half the Internet if you did so.

Peter.
_______________________________________________
cryptography mailing list
cryptography at randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE