

How the NSA, and your boss, can intercept and break SSL - denzil_correa
http://www.zdnet.com/how-the-nsa-and-your-boss-can-intercept-and-break-ssl-7000016573/

======
bifrost
"If your company has set up the proxy correctly you won't know anything is off
because they'll have arranged to have the proxy's internal SSL certificate
registered on your machine as a valid certificate."

Yes, this is basically textbook MITM for SSL. This is why the NSA can't do
this at "your local ISP", because it requires access to your machine...

~~~
tanglesome
And your machine doesn't access your local ISP and vice-versa?

~~~
bifrost
Not for its SSL certs, no.

