Monkeysphere

New Research Suggests That Governments May Fake SSL Certificates:https://www.eff.org/deeplinks/2010/03/researchers-reveal-likelihood-governments-fake-ssl

Sophisticated X.509 certificate interception devices designed to collect encrypted SSL traffic based on forged 'look-alike' certificates: http://www.wired.com/threatlevel/2010/03/packet-forensics/

LWN article on the business of SSL man-in-the-middle-attacks, the threat may be more practical than previously thought: http://lwn.net/Articles/380140/

New Research Suggests That Governments May Fake SSL Certificates:https://www.eff.org/deeplinks/2010/03/researchers-reveal-likelihood-governments-fake-ssl

Christopher Soghoian and Sid Stamm's draft research paper entitled "Certified Lies: Detecting and Defeating Government Interception Attacks Against SSL" presents evidence that CAs may be cooperating with government agencies to help them spy undetected on "secure" encrypted communications: http://files.cloudprivacy.net/ssl-mitm.pdf

A Tor developer writes about how he disables all Certificate Authorities on his system and instead selectively trusts those SSL certificates from individual websites: http://blog.torproject.org/blog/life-without-ca

A Tor developer writes about how he disables all Certificate Authorities on his system and instead selectively trusts those SSL certificates from individual websites: http://blog.torproject.org/blog/life-without-ca

Sophisticated X.509 certificate interception devices designed to collect encrypted SSL traffic based on forged 'look-alike' certificates: http://www.wired.com/threatlevel/2010/03/packet-forensics/