post #1 of 1
Thread Starter 
Trustwave admits it sold CA cert to a company to use for "data loss prevention" (man in the middle spying on employees)

This single certificate was issued for an internal corporate network customer and not to a 'government', 'ISP' or to 'law enforcement'. It was to be used within a private network within a data loss prevention (DLP) system. The subordinate certificate was subject to a Certification Practice Statement (CPS), Subscriber Agreement and Relying Party Agreement crafted by Trustwave after an audit of the customer physical security, network security, and security policies.

Wonder how many other companies would go this far to monitor their employees.