Kai Engert <[email protected]> writes: >On Sat, 2016-01-09 at 14:11 +0000, Peter Gutmann wrote: >> That would have some pretty bad consequences. With the MITM CA cert enabled, >> Borat [0] can read every Kazakh user's email, but no-one else can. With the >> MITM CA blacklisted, Borat can still read every Kazakh user's email, but so >> can everyone else on the planet. So the choice is between privacy against >> everyone but one party, and privacy against no-one. > >I don't understand why blacklisting a MITM CA would enable everyone to read >the data that passes through the MITM. Could you please explain? (It sounds >like there is either a misunderstanding on your or on my side.)
For the MITM to work, Borat will be proxying all traffic out of (and into) the country. If you allow the MITM cert, only Borat/the proxy can read everyone's traffic. If you disallow the cert and turn off encryption, Borat can still read everyone's traffic, but so can everyone else on the planet. The "can't connect to the site without TLS" issue isn't really there either, Borat will connect using TLS so TLS-only sites will continue to work, it's only the downstream users who don't get any protection. Peter. _______________________________________________ dev-security-policy mailing list [email protected] https://lists.mozilla.org/listinfo/dev-security-policy
