A CA called Cyberoam appears to have issued a wildcard cert to enable MITM attacks for "deep packet inspection" and "security" purposes. The same cert is used by all their devices.
https://blog.torproject.org/blog/security-vulnerability-found-cyberoam-dpi-devices-cve-2012-3372 They're not a CA trusted by Mozilla, apparently. John Nagle _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security
