
Do they need to MITM? If they have a copy of the private key, can't they just use it to decrypt the data... even old data for which they've only just acquired the key?


Having the root CA's private key doesn't give them access to the end entity's private keys. When you ask a CA for a cert, you only provide them with your public key (in the form of a CSR) for them to sign. The CSR does not contain the private key.


But getting an employee to hand over the private key and giving him a gag order afterwards is an option of course.


https://en.wikipedia.org/wiki/Perfect_forward_secrecy

https://en.wikipedia.org/wiki/ECDHE

Google is using it, and a few other sites too, though they are in the minority. OpenSSL has supported it since version 1.0.0, which was released in March 2010.


True, but they would have to do this for every single web server they would want to collect information from. Not impossible, but it'd be a lot of work.


To your latter question: no, not with the right ciphers.

http://en.wikipedia.org/wiki/Perfect_forward_secrecy
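The forward-secrecy property the two comments above point to (the ECDHE link and "not with the right ciphers"), as an added example that is not part of this thread: a toy model of the TLS handshake in which a passive eavesdropper records the transcript and later obtains the server's long-term private key. With a static key exchange the leaked key reopens the recorded session; with an ephemeral exchange it does not. The DH group and the HMAC stand-in for the server's signature are constructed for illustration only.

```python
import hashlib
import hmac
import secrets

# Toy Diffie-Hellman group, for illustration only: p = 2^127 - 1 (a Mersenne prime), g = 3.
# Real TLS uses 2048-bit+ MODP groups or elliptic curves (ECDHE); this group is NOT secure.
P = (1 << 127) - 1
G = 3


def keygen():
    """Return (private exponent, public share) in the toy group."""
    priv = secrets.randbelow(P - 2) + 1
    return priv, pow(G, priv, P)


def session_key(my_priv, their_pub):
    """Derive a symmetric session key from the shared DH secret."""
    shared = pow(their_pub, my_priv, P)
    return hashlib.sha256(shared.to_bytes(16, "big")).digest()


def handshake(lt_priv, lt_pub, ephemeral):
    """Run one handshake. Returns the agreed session key plus the transcript
    a passive eavesdropper could record (public values only)."""
    if ephemeral:
        srv_priv, srv_pub = keygen()          # fresh share per session (ECDHE-style)
    else:
        srv_priv, srv_pub = lt_priv, lt_pub    # long-term key reused for key exchange
    cli_priv, cli_pub = keygen()
    # The server authenticates its share with its long-term key. HMAC keyed by the
    # long-term secret stands in for the RSA/ECDSA signature real TLS would use.
    sig = hmac.new(lt_priv.to_bytes(16, "big"), srv_pub.to_bytes(16, "big"), "sha256").digest()
    key = session_key(cli_priv, srv_pub)
    assert key == session_key(srv_priv, cli_pub)   # both ends agree
    return key, {"server_share": srv_pub, "client_share": cli_pub, "signature": sig}


def recover_from_transcript(transcript, leaked_lt_priv):
    """What a holder of a recorded transcript plus a later-obtained long-term key can
    compute. (The key also lets them forge signatures and so actively MITM *future*
    sessions; it does not reopen past ephemeral ones.)"""
    return session_key(leaked_lt_priv, transcript["client_share"])


def past_session_recoverable(ephemeral):
    """True if leaking the long-term key after the fact reveals the session key."""
    lt_priv, lt_pub = keygen()
    key, transcript = handshake(lt_priv, lt_pub, ephemeral)
    return recover_from_transcript(transcript, lt_priv) == key
```

`past_session_recoverable(False)` is True (static exchange, recorded traffic falls to a later key leak) while `past_session_recoverable(True)` is False (ephemeral exchange, the long-term key only ever signed the shares).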


Perfect forward secrecy doesn't apply if the NSA has broken the key exchange algorithm and has your session keys.



