Erik Christiansen writes:
Given the media reports of the NSA using several supercomputers to crack SSL traffic (with some degree of success apparently) it may be that they don't have anything but brute force and possibly a few cryptology tricks, so far. (Depending on how much credence is to be given to anything heard in the media.)
Turkish intelligence don't need to "crack" TLS; they just get Firefox to trust them by default, then do the normal MITM dance. I don't see why the NSA can't do that, too. http://www.cl.cam.ac.uk/~rja14/Papers/sefa-pr11.pdf (p2) | At the authentication workshop following FC2011 I asked a panelist | from the Mozilla Foundation why, when I updated Firefox the previous | day, it had put back a certificate I’d previously deleted, from an | organisation associated with the Turkish military and intelligence | services.