[144473] in North American Network Operators' Group
Re: Microsoft deems all DigiNotar certificates untrustworthy,
daemon@ATHENA.MIT.EDU (Damian Menscher)
Mon Sep 12 13:51:19 2011
In-Reply-To: <CAHyNd163a5Yc=sCM7a6DamG=Jm1XecnPmcFbnu=OwDxn--b1ag@mail.gmail.com>
From: Damian Menscher <damian@google.com>
Date: Mon, 12 Sep 2011 10:50:09 -0700
To: Martin Millnert <millnert@gmail.com>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Mon, Sep 12, 2011 at 7:09 AM, Martin Millnert <millnert@gmail.com> wrote:
>
> Something similar, including use of purchased (not only limited to
> stolen certs), is ongoing already, all of the time. (I had a fellow
> IRC-chat-friend report from a certain very western-allied middle
> eastern country that there's ISP/state-scale SSL-MITM ongoing there,
> for all https traffic.)
If this were true, don't you think your friend would provide an SSL cert?
Damian
--
Damian Menscher :: Security Reliability Engineer :: Google
