On Tue, 31 May 2016, [email protected] wrote:
Here is Bluecoat showing off their MITM appliance.
https://www.bluecoat.com/security-blog/2014-01-02/exploring-encrypted-skype-conversations-clear-text
Note that it only shows a MITM TLS when you install their CA. Which,
whether we like it or not, is a valid business model. For instance
it is needed for various financial compliance laws.
And decrypting the TLS only gave the guy encrypted data he still could
not read. My guess is skype just uses TLS and a way to break through
middleware, and whatever their encryption scheme is, is still inside
of that.
Paul
_______________________________________________
dev-security-policy mailing list
[email protected]
https://lists.mozilla.org/listinfo/dev-security-policy
