Re: Applicability of signed messages as proof of sending

ietf-openpgp

Re: Applicability of signed messages as proof of sending

2005-08-14 22:39:20

On Sunday 14 August 2005 19:00, Ian G wrote:

Ben Laurie wrote:

On wired networks they are easy for the network admins to mount. The
practice is sufficiently commonplace that many corps have their own CA
keys in employees' browsers so they can forge X509 certs.


Hmmm.  Is that the sole reason?  Or one of many reasons?

And how often do they conduct this attack?


There are web-proxies on the market which do this in order to be able to 
track HTTPS connections of employees. This is illegal or at least of 
doubtful legality in most European countries, so I can't provide you with 
examples of companies who do this.



        Konrad

pgpItopCJ8WIE.pgp
Description: PGP signature

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
Re: Draft Minutes of OpenPGP, (continued) Re: Draft Minutes of OpenPGP, Ian G Re: Draft Minutes of OpenPGP, Len Sassaman Re: Draft Minutes of OpenPGP, Ian Brown Applicability of signed messages as proof of sending, Ian G Re: Applicability of signed messages as proof of sending, Len Sassaman Re: Applicability of signed messages as proof of sending, Ian G Re: Applicability of signed messages as proof of sending, Richard Laager Re: Applicability of signed messages as proof of sending, Ian G Re: Applicability of signed messages as proof of sending, Ben Laurie Re: Applicability of signed messages as proof of sending, Ian G Re: Applicability of signed messages as proof of sending, Konrad Rosenbaum <= Re: Draft Minutes of OpenPGP, "Hal Finney"

Previous by Date:	Re: Encrypt then sign insecure?, Jon Callas
Next by Date:	Re: "The OpenPGP mail and news header" extenssion, Konrad Rosenbaum
Previous by Thread:	Re: Applicability of signed messages as proof of sending, Ian G
Next by Thread:	Re: Draft Minutes of OpenPGP, "Hal Finney"
Indexes:	[Date] [Thread] [Top] [All Lists]