Great Article on SSL Interception Proxies and Transitive Trust
We recently found a great article on SSL/TLS interception proxies and transitive trust by Jeff Jarmoc at Dell SecureWorks. In his article, Jeff provides a brief introduction, background, and history of the SSL and TLS protocols, then turns to SSL interception proxies.
The article gives insight into how and why these proxies are used in the real world and explains some of the major risks associated with their use. Although the risks range from legal exposure to an increased threat surface to potentially decreased cipher strength, these proxies are a necessary part of many networks.
Jeff introduces a helpful test framework (linked below) for determining which vulnerabilities, if any, an SSL proxy is susceptible to. The framework is designed to be run from behind the proxy, and using it is as simple as visiting a web page. After explaining some of these vulnerabilities, Jeff lists some that have been found in existing proxy solutions.
The wolfSSL embedded SSL library has been able to do SSL inspection for quite some time; we originally posted about it in September of 2010. If you have any questions about wolfSSL’s SSL inspection, please feel free to contact us at firstname.lastname@example.org.
Transitive Trust: SSL/TLS Interception Proxies and Transitive Trust
Proxy Test Framework: https://ssltest.offenseindepth.com
Originally posted at: http://www.wolfssl.com/wolfSSL/Blog/Entries/2012/4/13_Great_Article_on_SSL_Interception_Proxies_and_Transitive_Trust.html