Here you go. Notice how the certificate I receive is "self-signed", that's what caused the error in Chrome I believe:
$ echo "GET HTTP/1.0" | openssl s_client -connect gmail.com:443 CONNECTED(00000003) depth=2 DC = com, DC = good, DC = corp, CN = SPRINGTHINGS verify error:num=19:self signed certificate in certificate chain verify return:0 --- Certificate chain 0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=mail.google.com i:/C=US/ST=Texas/L=Dallas/O=Good Technology/OU=IT/CN=dal-sg01/[email protected] 1 s:/C=US/ST=Texas/L=Dallas/O=Good Technology/OU=IT/CN=dal-sg01/[email protected] i:/DC=com/DC=good/DC=corp/CN=SPRINGTHINGS 2 s:/DC=com/DC=good/DC=corp/CN=SPRINGTHINGS i:/DC=com/DC=good/DC=corp/CN=SPRINGTHINGS --- Server certificate -----BEGIN CERTIFICATE----- MIIEXDCCA8WgAwIBAgIJAJZwTAAAAAAAMA0GCSqGSIb3DQEBBQUAMIGKMQswCQYD VQQGEwJVUzEOMAwGA1UECBMFVGV4YXMxDzANBgNVBAcTBkRhbGxhczEYMBYGA1UE ChMPR29vZCBUZWNobm9sb2d5MQswCQYDVQQLEwJJVDERMA8GA1UEAxMIZGFsLXNn MDExIDAeBgkqhkiG9w0BCQEWEWhlbHBkZXNrQGdvb2QuY29tMB4XDTEzMDYwNTE5 MDYzM1oXDTEzMTAzMTIzNTk1OVowaTELMAkGA1UEBhMCVVMxEzARBgNVBAgTCkNh bGlmb3JuaWExFjAUBgNVBAcTDU1vdW50YWluIFZpZXcxEzARBgNVBAoTCkdvb2ds ZSBJbmMxGDAWBgNVBAMTD21haWwuZ29vZ2xlLmNvbTCBnTANBgkqhkiG9w0BAQEF AAOBiwAwgYcCgYEAmOKYGiA+9kVvTx2s7mmnzakpmTdYe/wUgnLr44SCj+XTjLWX n0cKCDkFN9nLxcOxCu4QykU3P5Ert6cfiDjdxWrKl9KiWV01TiQKIAZd4DsPoicy ptm3vaaZYWODAUZ4rXmk3Yp4zgrybgO6ClRVO++eQ+rgUHwxXlCxgrLWVJsCAQOj ggHqMIIB5jAJBgNVHRMEAjAAMAsGA1UdDwQEAwIF4DAfBgNVHSMEGDAWgBRibW42 2/ppv5bbmy+8Uky9lX7iyjAaBgNVHREEEzARgg9tYWlsLmdvb2dsZS5jb20wgbkG CWCGSAGG+EIBDQSBqxaBqEdvb2QgVGVjaG5vbG9neSBJVCBOb3RpY2U6ICBUcmFu c3BhcmVudGx5IGludGVyY2VwdGVkIG9uIFsyMDEzLTA2LTE4XSBieSBCbHVlQ29h dCBQcm94eVNHIG5hbWVkIFtkYWwtc2cwMV0gcnVubmluZyBTR09TIFs2LjMuNS4x XS4gICAgUXVlc3Rpb25zPyBlbWFpbCBoZWxwZGVza0Bnb29kLmNvbTCB0gYDVR0g BIHKMIHHMIHEBgRVHSAAMIG7MIG4BggrBgEFBQcCAjCBqxqBqEdvb2QgVGVjaG5v bG9neSBJVCBOb3RpY2U6ICBUcmFuc3BhcmVudGx5IGludGVyY2VwdGVkIG9uIFsy MDEzLTA2LTE4XSBieSBCbHVlQ29hdCBQcm94eVNHIG5hbWVkIFtkYWwtc2cwMV0g cnVubmluZyBTR09TIFs2LjMuNS4xXS4gICAgUXVlc3Rpb25zPyBlbWFpbCBoZWxw ZGVza0Bnb29kLmNvbTANBgkqhkiG9w0BAQUFAAOBgQAXuByOMTCu/7rrnsKgfxh3 r6WuwGWGoWhnnkiPSSTX7KY1TFMumvb3TVZ8IW3sLgnj5WBUiGQI0HQEFv0Mo0H/ EplbQVUceMtvTBC0zarULxswYeu+M2jLIPhfZ06xJZHACnHMhnesJ2RKc25eptES xewgbIL2oGbDEvnUkIfBMQ== -----END CERTIFICATE----- subject=/C=US/ST=California/L=Mountain View/O=Google Inc/CN=mail.google.com issuer=/C=US/ST=Texas/L=Dallas/O=Good Technology/OU=IT/CN=dal-sg01/[email protected] --- No client certificate CA names sent --- SSL handshake has read 3948 bytes and written 518 bytes --- New, TLSv1/SSLv3, Cipher is AES256-SHA Server public key is 1024 bit Secure Renegotiation IS supported Compression: NONE Expansion: NONE SSL-Session: Protocol : TLSv1 Cipher : AES256-SHA Session-ID: ABEE40AEEA7ABBB9AC6C6CA41E4DEF67FA3C991B3ADB1A0AFCC652762C9AB709 Session-ID-ctx: Master-Key: 7416AAF95351B652227852C810B7A2E1AAE77E4DED41F7F360CDDC9A09DF7B125808E9FC409361FAAAB29C1F138E74CC Key-Arg : None PSK identity: None PSK identity hint: None SRP username: None Start Time: 1371579331 Timeout : 300 (sec) Verify return code: 19 (self signed certificate in certificate chain) --- DONE --------- Robert Dailey On Tue, Jun 18, 2013 at 1:08 PM, Jeffrey Walton <[email protected]> wrote: > On Tue, Jun 18, 2013 at 1:53 PM, Robert Dailey <[email protected]> wrote: > > Well, I know that the CA changes in Chrome when I access Gmail and I do > get > > a warning notification of that, although it wasn't installed on the > system > > at that time (if I choose to continue anyway). > Hmmm... That could be an indication that someone is intercepting your > communications. The fellow in Iran who alerted us to the Diginotar > failure started that way too. > > http://productforums.google.com/forum/#!category-topic/gmail/share-and-discuss-with-others/3J3r2JqFNTw > . > > As far as I know, Google/Chrome has not changed its keys yet (its > supposed to occur in August). So you should not be receiving a > warning. > http://www.h-online.com/security/news/item/Google-to-replace-SSL-certificates-1869281.html > > Are you using CertPatrol? CertPatrol pins the certificate (and not the > public key), so you will get a warning even if the same key is > re-certificated. Its common to use a certificate with a short lifetime > to keep CRLs manageable (I suspect there are some possible security > benefits too). Google practices it by rotating its certificates every > 30 days or so. > > > On Android, however, I do not see the certificate installed. So, does > that > > mean that Gmail traffic is not being intercepted? > Can you issue the following from the command line and post the results: > > $ echo "GET HTTP/1.0" | openssl s_client -connect gmail.com:443 > CONNECTED(00000003) > depth=1 C = US, O = Google Inc, CN = Google Internet Authority > verify error:num=20:unable to get local issuer certificate > verify return:0 > --- > Certificate chain > 0 s:/C=US/ST=California/L=Mountain View/O=Google Inc/CN=mail.google.com > i:/C=US/O=Google Inc/CN=Google Internet Authority > 1 s:/C=US/O=Google Inc/CN=Google Internet Authority > i:/C=US/O=Equifax/OU=Equifax Secure Certificate Authority > --- > Server certificate > -----BEGIN CERTIFICATE----- > MIIDgjCCAuugAwIBAgIKN8yQgAABAACMwjANBgkqhkiG9w0BAQUFADBGMQswCQYD > VQQGEwJVUzETMBEGA1UEChMKR29vZ2xlIEluYzEiMCAGA1UEAxMZR29vZ2xlIElu > dGVybmV0IEF1dGhvcml0eTAeFw0xMzA2MDUxOTA2MzNaFw0xMzEwMzEyMzU5NTla > MGkxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRYwFAYDVQQHEw1N > b3VudGFpbiBWaWV3MRMwEQYDVQQKEwpHb29nbGUgSW5jMRgwFgYDVQQDEw9tYWls > Lmdvb2dsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANLmzUU+okQM > MXLvLDvi5cTGoLgyDpx+e2gvFUNIlyQCPCvAuM90K3Y3M+UxL3JT+KxeAbt8tzJA > 5Sh4X92pO9q2rwUwVyvCy1kpLjTs5YmeYXBqkatJPBskjhI1gkJr/Cjy7q4bXGDF > 6KU9oRo6GbNehPm1kx0F6Z0quoZrzn2DAgMBAAGjggFSMIIBTjAdBgNVHSUEFjAU > BggrBgEFBQcDAQYIKwYBBQUHAwIwHQYDVR0OBBYEFJ0KYTWDuaArJBl7Hdocp/Ut > rR1yMB8GA1UdIwQYMBaAFL/AMOv1QxE+Z7qekfv8atrjaxIkMFsGA1UdHwRUMFIw > UKBOoEyGSmh0dHA6Ly93d3cuZ3N0YXRpYy5jb20vR29vZ2xlSW50ZXJuZXRBdXRo > b3JpdHkvR29vZ2xlSW50ZXJuZXRBdXRob3JpdHkuY3JsMGYGCCsGAQUFBwEBBFow > WDBWBggrBgEFBQcwAoZKaHR0cDovL3d3dy5nc3RhdGljLmNvbS9Hb29nbGVJbnRl > cm5ldEF1dGhvcml0eS9Hb29nbGVJbnRlcm5ldEF1dGhvcml0eS5jcnQwDAYDVR0T > AQH/BAIwADAaBgNVHREEEzARgg9tYWlsLmdvb2dsZS5jb20wDQYJKoZIhvcNAQEF > BQADgYEAmnlaU65izftsi/WblWCUos1nln9afwEJkfoVfQyqBUPYmwz2RLVjr42d > hrJIMhQqYlsW2W1AqnHF2oIM3Lc4wO//ltnX1/GqEx97RsFFM4KFN+ycXeD/trkZ > HGlGJhAnw2zOw4hDDHA2BEPRIj2isbnSsfQgrHGDZsrrMGgAmoA= > -----END CERTIFICATE----- > subject=/C=US/ST=California/L=Mountain View/O=Google Inc/CN= > mail.google.com > issuer=/C=US/O=Google Inc/CN=Google Internet Authority > --- > No client certificate CA names sent > --- > SSL handshake has read 2116 bytes and written 448 bytes > --- > New, TLSv1/SSLv3, Cipher is ECDHE-RSA-AES128-GCM-SHA256 > Server public key is 1024 bit > Secure Renegotiation IS supported > Compression: NONE > ... > > Start Time: 1371578823 > Timeout : 300 (sec) > Verify return code: 20 (unable to get local issuer certificate) > --- > DONE > > > > Jeff > > > On Tue, Jun 18, 2013 at 12:50 PM, Brian Carlstrom <[email protected]> > wrote: > >> > >> Presumably they perform MITM by installing a CA controlled by proxy on > >> your system. > >> > >> -bri > >> > >> On Tue, Jun 18, 2013 at 10:05 AM, Robert Dailey <[email protected]> > >> wrote: > >> > Could you explain a bit better? I asked my IT department, and they > said > >> > they > >> > do monitor gmail traffic on Android. However, he could have been lying > >> > or > >> > just making a blanket statement. I figured out that they are using > >> > "BlueCoat > >> > ProxySG" to perform MITM on web-gmail, but I'm not familiar enough > with > >> > Android to understand why this also isn't being done on Gmail app for > >> > Android. Is Android more secure because it has the trusted > credentials? > >> > I'm > >> > assuming those are all known and accepted root certificates, so if > they > >> > did > >> > indeed try to MITM gmail on Android, then the root would change and > >> > thus, > >> > I'd hope Gmail would fail to accept it or something of that sort. > >> > > >> > > >> > --------- > >> > Robert Dailey > >> > > >> > > >> > On Tue, Jun 18, 2013 at 11:54 AM, Brian Carlstrom <[email protected]> > >> > wrote: > >> >> > >> >> On Tue, Jun 18, 2013 at 8:52 AM, Jeffrey Walton <[email protected]> > >> >> wrote: > >> >> > On Mon, Jun 17, 2013 at 2:09 PM, Robert Dailey <[email protected] > > > >> >> > wrote: > >> >> >> Is it possible for MITM to occur for traffic on the Android Gmail > >> >> >> client > >> >> >> when connected to a Wifi network > >> >> > Yes, its possible. > >> >> > >> >> Not unless a system CA has been compromised (which could then be > >> >> disabled in Settings > Security > Trusted Credentials) or a user CA > >> >> has been installed (which could be uninstalled from the same > location) > >> >> > >> >> -bri > >> >> > >> >> > > >> >> >> If so, how can I verify whether or not my > >> >> >> SSL certificate has been compromised for Gmail? > >> >> > Pin the server's certificate or public key. > >> >> > https://www.owasp.org/index.php/Certificate_and_Public_Key_Pinning > . > >> >> > > >> >> > If you are dealing with a browser-based app, then you are out of > >> >> > luck. > >> >> > Javascript, WebSockets, WebCrypto and other components in the stack > >> >> > don't make the required connection information available. In this > >> >> > case, you need to write a hybrid app or native app. Many people > don't > >> >> > want to hear their browser-based app can't handle a particular data > >> >> > sensitivity level, and it usually goes over like a turd in a punch > >> >> > bowl. > >> >> > > >> >> > Not all apps need to pin. If the app is dealing with throwaway, low > >> >> > value data, then it does not matter - browser-based apps are fine. > >> >> > For > >> >> > medium value (for example, an organization's Single Sign On > password) > >> >> > and high value data (such as information covered under US Federal > >> >> > law), then you probably can't use a browser-based app. > >> >> > > >> >> > In the future, sites (servers) will [likely] be able to ask the > >> >> > browser (clients) to pin certificates via > >> >> > https://tools.ietf.org/id/draft-ietf-websec-key-pinning-05.txt. > >> >> > However, there is no guarantee a client will perform a pin in the > >> >> > absence of a server's request. > >> >> > > >> >> > Jeff > >> >> > > >> >> > -- > >> >> > You received this message because you are subscribed to the Google > >> >> > Groups "Android Security Discussions" group. > >> >> > To unsubscribe from this group and stop receiving emails from it, > >> >> > send > >> >> > an email to [email protected]. > >> >> > To post to this group, send email to > >> >> > [email protected]. > >> >> > Visit this group at > >> >> > http://groups.google.com/group/android-security-discuss. > >> >> > For more options, visit https://groups.google.com/groups/opt_out. > >> >> > > >> >> > > >> > > >> > > > > > > -- You received this message because you are subscribed to the Google Groups "Android Security Discussions" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/android-security-discuss. For more options, visit https://groups.google.com/groups/opt_out.
