[Cryptography] Blue Coat has been issued a MITM encryption certificate
Rob Stradling
rob.stradling at comodo.com
Thu Jun 9 10:18:06 EDT 2016
On 29/05/16 13:55, Stephen Farrell wrote:
> 1 - yay for certificate transparency - CAs behaving oddly being spotted
> and outed is good
Yay for CT indeed, but FWIW it wasn't CT that detected this one.
On 31/05/16 17:44, Peter Bowen wrote:
<snip>
> Mozilla is working on getting all CAs to add info on their issuing CAs
> to their database; you can see the current status at
> https://mozillacaprogram.secure.force.com/CA/PublicAllIntermediateCerts.
> If there are checkboxes under both "CP/CPS Same As Parent" and "Audit
> Same As Parent", then it is safe to assume that the issuing CA is just
> a branded CA operated by the parent.
The Bluecoat intermediate (https://crt.sh/?id=19538258) first came to
light when Symantec disclosed it to Mozilla.
I'm tracking intermediates that have been disclosed to Mozilla but not
(yet) submitted to CT (see https://crt.sh/mozilla-disclosures). When I
saw the Bluecoat intermediate, I submitted it to some CT logs.
--
Rob Stradling
Senior Research & Development Scientist
COMODO - Creating Trust Online
More information about the cryptography
mailing list