http://googleonlinesecurity.blogspot.com/2013/12/further-improving-digital-certificate.html
They caught it with pinning. I wonder if we have a sample; it sounds like it was an extremely small-scale attack (a single organization got an intermediate chaining to a publicly-trusted root in order to spy on employees with its firewall?). If that was the entire scope of it, it's relatively unlikely that anyone in that organization is sending observations to us, maybe depending on how large the organization is and whether they prevent desktop users from installing third-party software.

--
Seth Schoen <[email protected]>
Senior Staff Technologist, https://www.eff.org/
Electronic Frontier Foundation, https://www.eff.org/join
815 Eddy Street, San Francisco, CA 94109, +1 415 436 9333 x107
