Re: [fw-wiz] Security of HTTPS

From: Shimon Silberschlag (shimons_at_bll.co.il)
Date: 11/28/04

Next message: Kevin Sheldrake: "Re: [fw-wiz] Security of HTTPS"

Previous message: Ben Nagy: "RE: [fw-wiz] Antivirus vendor conspiracy theories"
In reply to: lordchariot_at_earthlink.net: "RE: [fw-wiz] Security of HTTPS"
Next in thread: Kevin Sheldrake: "Re: [fw-wiz] Security of HTTPS"
Reply: Kevin Sheldrake: "Re: [fw-wiz] Security of HTTPS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: <lordchariot@earthlink.net>, <firewall-wizards@honor.icsalabs.com>
Date: Sun, 28 Nov 2004 16:08:35 +0200

> there are some products
> out there that intentionally decrypt an SSL connection.

Erik,

Can you give a list of those products? I'm only familiar with Finjan's Vital
security for SSL.

Shimon Silberschlag

+972-3-9351572
+972-50-7207130

----- Original Message -----
From: <lordchariot@earthlink.net>
To: <firewall-wizards@honor.icsalabs.com>
Sent: Tuesday, November 23, 2004 18:00
Subject: RE: [fw-wiz] Security of HTTPS

>
> I wouldn't necessarily call it a MITM attack, but there are some products
> out there that intentionally decrypt an SSL connection. These type of
> products will take an SSL certificate as presented from the web site, and
> re-create a new one on-the-fly to present to the client browser. If the
> product's CA cert is loaded into the client, there aren't any certificate
> warnings. If not, then most people click through the cert warning anyway
> because they don't know any better.
>
> These products are generally used to perform AV scans or Ad-Popup blocking
> through an SSL connection. For example, an attachement coming in through
> an
> SSL webmail connection that needs to be virus scanned at the gateway.
>
> Erik
>
>
>
> -----Original Message-----
> From: firewall-wizards-admin@honor.icsalabs.com
> [mailto:firewall-wizards-admin@honor.icsalabs.com] On Behalf Of Alex
> Bihlmaier
> Sent: Friday, November 19, 2004 6:07 AM
> To: firewall-wizards@honor.icsalabs.com
> Subject: [fw-wiz] Security of HTTPS
>
> Good Morning.
>
>
>
> I am curious how strong the security of https can be.
> Is there some possibility of a MITM attack?
> Are there any papers out there outlining this aspect of security?
>
>
>
> //thalunil
>
>
>
> ----------------------------------------------------------------
> kallisti.de webmail access - email on the road
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@honor.icsalabs.com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
>
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards@honor.icsalabs.com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards@honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Next message: Kevin Sheldrake: "Re: [fw-wiz] Security of HTTPS"

Previous message: Ben Nagy: "RE: [fw-wiz] Antivirus vendor conspiracy theories"
In reply to: lordchariot_at_earthlink.net: "RE: [fw-wiz] Security of HTTPS"
Next in thread: Kevin Sheldrake: "Re: [fw-wiz] Security of HTTPS"
Reply: Kevin Sheldrake: "Re: [fw-wiz] Security of HTTPS"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]