Mozilla and CNNIC
Posted Feb 16, 2010 2:44 UTC (Tue) by eli
Parent article: Mozilla and CNNIC
The argument is made that a rogue cert from CNNIC would be solid proof. But if CNNIC is wanting to use this to catch specific dissidents, rather than intercept traffic in large amounts, the attack could be done with low probability of discovery. Essentially, determine the IP of the user you are trying to trap, and the service you want to snoop, and send a rogue cert to only that IP for that hostname. If used very sparingly, they could probably nab a few key people without getting caught.
to post comments)