[cabfpub] China MITMing icloud.com

Rich Smith richard.smith at comodo.com
Tue Oct 21 07:41:13 MST 2014


https://en.greatfire.org/blog/2014/oct/china-collecting-apple-icloud-data-at
tack-coincides-launch-new-iphone

 

The above article states that within China's great firewall, www.icloud.com
is connecting with a self signed certificate.  The article also states that
the Qihoo 360 Browser passes the user right through with no warning or other
indication that the connection is unsafe.

 

I have no way to independently verify that accusation, BUT given that we
just approved the 360 Browser's CA/B membership application, I think this
needs to be investigated.

 

If the accusation is found to be accurate, barring a VERY good explanation
from the 360 Browser team, I would move for their immediate expulsion from
this Forum.

 

-- 

Regards,

Rich Smith

Validation Manager

Comodo

 <http://www.comodo.com/> http://www.comodo.com

 

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://cabforum.org/pipermail/public/attachments/20141021/83efde35/attachment.html 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6378 bytes
Desc: not available
Url : https://cabforum.org/pipermail/public/attachments/20141021/83efde35/attachment.bin 


More information about the Public mailing list