[Whonix-devel] [tor-talk] How much of SSL CA protected traffic is read by NSA etc. according to...?

Michael O Holstein michael.holstein at csuohio.edu
Mon Jan 5 18:44:38 CET 2015

>Could you please explain how to interpret Jacob Appelbaum's talk at 31c3? [1]

>From all the various documents they have collected it's fair to say that at the present time, barring non-technical methods (http://xkcd.com/538/) .. the only applications they have seen reported as "no intercept available" are OTR(*) and PGP.

>Is (almost) all traffic that is protected by the usual SSL CA's browser
>encryption being monitored by NSA and friends?

Although he doesn't say it directly (this time) I think it's safe to assume the answer is "yes" .. there have been notable thefts of keysigning material from commercial CA's by non-government criminal groups. To assume the three-letter folks don't also engage in such endeavors is foolish at best.

Note that they'd really only need command of *one* CA that is trusted to pull it off (see also the trick that corporate web appliances use to transparently intercept SSL) .. although that would make them likely to get caught at it. 

(*) : OTR uses DH with PFS and a short temporal keylife, so not all that different that some of the non-default (ha ha NSA) IKE proposals. Granted, due to laziness most businesses don't apply ultra-paranoid configurations to their VPN tunnels because it affects performance and confuses the other guy .. but I'm curious if *properly configured* IPSEC similarly suffers.


Michael Holstein
Cleveland State University

PS: Jacob, thank-you as always for everything you do.

More information about the Whonix-devel mailing list