Quote:
Originally Posted by dev
an ISP can easilly see SSL traffic, afterall you negotiate the secure connection via your ISP
|
Not really, this is why there are certification chains for the SSL certificates. If Virgin started trying to proxy SSL connections in order to read the contents it would be very obvious when you noted your bank's secure site having a certificate signed by Virgin Media
They can't 'break' SSL but can certainly monitor the endpoints and implement a policy based on that. If someone has 10 SSL connections to news-europe.giganews.com it doesn't take a huge amount of thinking or analysis to guess what the traffic is.