[AusNOG] That list

John Lindsay jlindsay at internode.com.au
Thu Mar 19 14:56:31 EST 2009


On 19/03/2009, at 2:21 PM, Adrian Chadd wrote:

> (URl filtering through HTTPS is doable and happening today. It  
> involves
> breaking the SSL by loading the user browser with a cert the proxy can
> auto generate a signed ssl certificate against. Evil, but doable.)


Doable in the same way that having someone else open your mail and  
read it first is doable.

A government mandated man-in-the-middle attack against SSL is just  
what Australia needs to improve economic efficiency and make life much  
easier for fraudsters.

jsl



More information about the AusNOG mailing list