What do you think the likelihood is of NSA doing (active) SSL MITM attacks using NSL'd CA keys?
Users running extensions that use things like EFF's SSL Observatory (SSL Everywhere has an option to report to that) will cause those NSA-generated certs to show up, and someone will get suspicious eventually. The only reports I've seen recently on that front were things like middle eastern users sending in samples of MITM certs. I'm not saying the NSA can't do it, but what evidence is there that the NSA has done MITM on SSL traffic? For all we know, couldn't the MITM ssl certs in the mideast be an NSA false flag op?
Users running extensions that use things like EFF's SSL Observatory (SSL Everywhere has an option to report to that) will cause those NSA-generated certs to show up, and someone will get suspicious eventually. The only reports I've seen recently on that front were things like middle eastern users sending in samples of MITM certs. I'm not saying the NSA can't do it, but what evidence is there that the NSA has done MITM on SSL traffic? For all we know, couldn't the MITM ssl certs in the mideast be an NSA false flag op?