[mdlug] decrypting ssl connections on the fly?

Carl T. Miller millerc at cantonpl.org
Fri Nov 24 09:37:14 EST 2006


Aha, let me speculate even more wildly.  I wonder if it works
like a proxy.  Whenever an ssl connection request is sent,
it sends its own connection request, thus it can unencrypt
what returns.  It would then need to encrypt it again with
fake keys pretending to be the original source.

If that's the way it works, that means <insert your favorite
party here, such as your ISP, the FBI, etc.> can watch all
ssl traffic that goes across public networks.

Wow.  It sounds like someone has broken ssl.

c

Wojtak, Greg wrote:
> I saw this a while back and the company I used to work for was about to get
> some before I left.  I am not completely sure how it works, but to me it
> sounds like the device sitting between the browser and the site is fed
> information about how the data is being encrypted and is therefore able to
> decrypt it and re-encrypt it.  I am pretty sure this is not a false claim.
>
> Maybe it acts as a proxy, and the session from browser to SCM is
> encrypted/decrypted, then the SCM makes the connection out.  Since it is
> sitting on both connections, it will know how to encrypt/decrypt?
>
> Speculating wildly,
>
> Greg
>
>
> On 11/24/06 9:10 AM, "Carl T. Miller" <millerc at cantonpl.org> wrote:
>
>> Secure Computing is a company that makes several products to
>> filter Internet connections.  This makes sense for a company
>> that doesn't want inappropriate content on their network.
>>
>> What caught my eye is that they now claim they can decrypt
>> ssl content and filter it the same as they do with unencrypted
>> content.  I thought that the whole point of ssl is that it
>> securely encrypts data between the two endpoints.
>>
>> Am I missing something or is this claim not right?
>>
>> Secure Content Management (SCM) Suite, efficiently decrypts all inbound
>> and outbound SSL traffic at the gateway, applies multiple anti-virus and
>> content scanners, and then re-encrypts the content and directs it to the
>> intended recipient.
>>
>> c
>>
>>
>> _______________________________________________
>> mdlug mailing list
>> mdlug at mdlug.org
>> http://mdlug.org/mailman/listinfo/mdlug
>
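
The proxy model speculated about in this thread, seen from the client side, as an added example (not from the original posts and not Secure Computing's code): a certificate re-signed by a gateway's CA validates only on a client that trusts that CA, and its fingerprint differs from the origin's. The names shop.example, origin-ca and gateway-ca are constructed, and the openssl command-line tool is assumed to be installed.

```shell
#!/bin/sh
# Added illustration. shop.example, origin-ca and gateway-ca are constructed names.
set -eu
WORK=$(mktemp -d)
trap 'rm -rf "$WORK"' EXIT

# make_ca NAME: self-signed CA certificate and key.
make_ca() {
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$1" \
    -keyout "$WORK/$1.key" -out "$WORK/$1.pem" 2>/dev/null
}

# make_leaf CA NAME: certificate for shop.example signed by CA.
make_leaf() {
  openssl req -new -newkey rsa:2048 -nodes -subj "/CN=shop.example" \
    -keyout "$WORK/$2.key" -out "$WORK/$2.csr" 2>/dev/null
  openssl x509 -req -in "$WORK/$2.csr" -CA "$WORK/$1.pem" -CAkey "$WORK/$1.key" \
    -CAcreateserial -days 1 -out "$WORK/$2.pem" 2>/dev/null
}

# trusts CA LEAF: prints accept if a client whose trust anchor is CA validates LEAF.
trusts() {
  if openssl verify -CAfile "$WORK/$1.pem" "$WORK/$2.pem" >/dev/null 2>&1
  then echo accept; else echo reject; fi
}

# fingerprint LEAF: SHA-256 fingerprint, the value a pinning client compares.
fingerprint() {
  openssl x509 -in "$WORK/$1.pem" -noout -fingerprint -sha256
}

make_ca origin-ca               # CA the real site's certificate chains to
make_ca gateway-ca              # CA held by the filtering gateway
make_leaf origin-ca site        # certificate the real server presents
make_leaf gateway-ca resigned   # certificate the gateway presents in its place

echo "client trusting only origin-ca, real cert:      $(trusts origin-ca site)"
echo "client trusting only origin-ca, re-signed cert: $(trusts origin-ca resigned)"
echo "client with gateway-ca installed, re-signed:    $(trusts gateway-ca resigned)"
echo "real:      $(fingerprint site)"
echo "re-signed: $(fingerprint resigned)"
```

Comparing the issuer or fingerprint of the certificate a client receives against the value seen from an unfiltered network is a practical check for whether a gateway of this kind is in the path.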
