[Cryptography] FREAK attack

Peter Fairbrother zenadsl6186 at zen.co.uk
Thu Mar 5 08:58:35 EST 2015

On 04/03/15 21:23, Dave Horsfall wrote:
> I took the liberty of forwarding this to a geek list, and a bod who runs
> security at a University department responded thus:

 > Sounds some what theoretical. Given the existence of certificates
 > that allow corporate proxy servers to 'inspect' SSL traffic,

Can someone  explain how that works please?

I can see a corporate proxy doing a MITM with the external SSL using a 
certificate signed by a corporate CA installed on all the internal 

Is that what he means? I may have missed something.

If it is, it isn't the certificate which is the plaintext hole, it's the 
corporate CA installed on the corporate machines..

-- Peter Fairbrother

More information about the cryptography mailing list