nanog mailing list archives

Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates

From: Damian Menscher <damian () google com>
Date: Mon, 12 Sep 2011 10:50:09 -0700

On Mon, Sep 12, 2011 at 7:09 AM, Martin Millnert <millnert () gmail com> wrote:


Something similar, including use of purchased (not only limited to
stolen certs), is ongoing already, all of the time.  (I had a fellow
IRC-chat-friend report from a certain very western-allied middle
eastern country that there's ISP/state-scale SSL-MITM ongoing there,
for all https traffic.)



If this were true, don't you think your friend would provide an SSL cert?

Damian
-- 
Damian Menscher :: Security Reliability Engineer :: Google

Current thread:

Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates, (continued)
- - - Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates Heinrich Strauss (Sep 10)
    - Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates Jimmy Hess (Sep 10)
  - Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates Jimmy Hess (Sep 09)
    - Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates Damian Menscher (Sep 10)
    - Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates Michael Painter (Sep 11)
    - Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates Cameron Byrne (Sep 11)
    - Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates Bjørn Mork (Sep 11)
    - Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates Joel jaeggli (Sep 11)
    - Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates sthaug (Sep 11)
    - Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates Martin Millnert (Sep 12)
    - Re: Microsoft deems all DigiNotar certificates untrustworthy, releases updates Damian Menscher (Sep 12)
    - Re: Microsoft deems all DigiNotar certificates untrustworthy, releases Joe Greco (Sep 11)
    - Re: Microsoft deems all DigiNotar certificates untrustworthy, releases Marcus Reid (Sep 11)
    - Re: Microsoft deems all DigiNotar certificates untrustworthy, releases Valdis . Kletnieks (Sep 12)
    - Re: Microsoft deems all DigiNotar certificates untrustworthy, releases fredrik danerklint (Sep 12)
    - Re: Microsoft deems all DigiNotar certificates untrustworthy, releases Måns Nilsson (Sep 12)
    - Re: Microsoft deems all DigiNotar certificates untrustworthy, releases Valdis . Kletnieks (Sep 12)
    - Re: Microsoft deems all DigiNotar certificates untrustworthy, releases fredrik danerklint (Sep 12)
    - Re: Microsoft deems all DigiNotar certificates untrustworthy, releases Måns Nilsson (Sep 12)
    - Re: Microsoft deems all DigiNotar certificates untrustworthy, releases Tony Finch (Sep 12)
    - Re: Microsoft deems all DigiNotar certificates untrustworthy, releases fredrik danerklint (Sep 12)

(Thread continues...)