On Tue, Nov 16, 2010 at 8:53 PM, Aanjhan R <[email protected]> wrote: > In short you are OK *in general*. But then one can do slightly > sophisticated attacks. IMO security is always an illusion :)
Commercial proxy/content-filtering solutions use SSL proxy (fancy word for a man-in-the-middle-attack) and break open HTTPS connections. These devices terminate the HTTPS connection on the proxy appliance itself, create a new HTTPS connection to the server. The SSL cert presented to the client browser is generated on the proxy appliance and signed using a custom CA. If that CA is installed on your browser (through corporate policy) there is no warning on the client browser that your connection is terminated in between. If the appliance re-signs the client side SSL cert using the private keys of Verisign/Thwate/etc (Govt security organizations have access to most CA private keys), this man-in-the-middle attack is *very* hard to detect. - Raja _______________________________________________ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
