Google: Maintaining digital certificate security

Posted Mar 26, 2015 21:30 UTC (Thu) by robbe (guest, #16131)
In reply to: Google: Maintaining digital certificate security by josh
Parent article: Google: Maintaining digital certificate security

So above (637615) you are saying, that you support the right of the employer to intercept (I don't by the way) ... but it should be made as hard as possible?

Unfortunately, the employer will just stay with IE in this case. Not installing Firefox is certainly easier than rolling it out *and* fudging one or more certificates into its trusted store.

Maybe a better way is to make adding a MITM cert easier, but show a different visual cue in the "security indicator" next to the URL. Example:

Padlock: we're pretty sure nobody can listen in
Stethoscope: someone is watching your decrypted traffic, ostensibly for malware, but insulting your boss or planning a coup is probably not a good idea either
Megaphone: only politeness protects you, don't do anything you wouldn't do in the cafeteria

Google: Maintaining digital certificate security

Posted Mar 26, 2015 22:19 UTC (Thu) by josh (subscriber, #17465) [Link]

To clarify, I'm not saying it should be gratuitously difficult to add a new CA to a machine you control/administer. I'm just saying that you should never be able to MITM traffic *without* that step, such as with a certificate chaining to a CA already in browsers. When I said it should be difficult, I just mean that I have zero sympathy for prospective eavesdroppers complaining that it's too hard to install a new CA on every device.

As far as the right to do so: in my opinion, the provider of a network can intercept traffic if they want, but should not be allowed to do so without notice and consent.