Thursday, January 18, 2018

SSL CA chain and proxies

The latest in the security world is "SSL inspection". This is a must if you have data that's encrypted. Doing SSL decryption allows you to inspect data that would  otherwise be not inspect.

Does this makes you  more secured? Is a argument that has PRO/CON that are debatable. One CON, you loose any expectation of  privacy.

So how do you know if a  SSLinspection device in  the path of you and a website?

If you know the true issuer of the  site certificate, you can explore the CA-chain in your browser. Here's google website  in my MSIE browser

The CA chain_path on the  left is  surely  indication of forge CA-PATH  vrs the right-side is the real chain.

This is from a  BlueCoat-Proxy at my day-job btw.

So when in doubt , use  a site like ssllab or similar and compare the browser reported chain to the ssllab discovered chain.

NSE ( network security expert) and Route/Switching Engineer
kfelix  -----a----t---- socpuppets ---dot---com
     ^      ^
=(  @  @ )=
        /  \

No comments:

Post a Comment