On 3/9/11 2:56 PM, Lorenz Kirchner wrote:
This this: https://sites.google.com/a/infosecurity.ch/testst/
no, same problem
...connection interrupted...
Sounds interesting that they are doing SSL MiTM probably because they have control of some rough chinese-government-affiliated CA certification authority.
May i ask you, being in china, to go https://spreadsheet.google.com and report via email which are the SSL digital certificate information that you read?
From Europe i see in the certificate information
SHA1 Fingerprint (last digits are DC:8E:74:12:93) Serial (last digits are 00:00:22:63)
The Root Certificate have as chain: EquifaxSecureCA: C = US, O = Equifax, OU = Equifax Secure Certificate Authority That signed the Google CA: GoogleInternetAuthority: C = US, O = Google Inc, CN = Google Internet Authority
What do you see with your browser related to the digital certificate parameters?
Maybe we can find which are the rough CA with which they can do Deep Packet Inspection?