So it happened, per recent discussion on this list, it seems that at least
one CA *has* been issuing sub-CA certs for corporate use in mitm boxes.

http://www.infoworld.com/d/security/trustwave-admits-issuing-man-in-the-middle-digital-certificate-185972

mozilla is threatening to remove the CA from their browser.  Trustwave says
they have/will revoke all these sub-CAs and will not issue any more.

They also claim in their defense that other CAs are doing this.

Adam
_______________________________________________
cryptography mailing list
cryptography@randombit.net
http://lists.randombit.net/mailman/listinfo/cryptography

Reply via email to