Microsoft deems all DigiNotar certificates untrustworthy, releases updates

Damian Menscher damian at google.com
Mon Sep 12 17:50:09 UTC 2011


On Mon, Sep 12, 2011 at 7:09 AM, Martin Millnert <millnert at gmail.com> wrote:

>
> Something similar, including use of purchased (not only limited to
> stolen certs), is ongoing already, all of the time.  (I had a fellow
> IRC-chat-friend report from a certain very western-allied middle
> eastern country that there's ISP/state-scale SSL-MITM ongoing there,
> for all https traffic.)


If this were true, don't you think your friend would provide an SSL cert?

Damian
-- 
Damian Menscher :: Security Reliability Engineer :: Google



More information about the NANOG mailing list