I discovered today that my ISP caching HTTPS content from Microsoft. How is this possible ? I doubt Microsoft is giving it's certificates aways to providers in order to lower their network load. Could it be that Microsoft as a caching server on site, at the ISP location ? If so how do they keep their different security compliances while doing this ? I'm guessing the caching server is only accessible from Microsoft employes, it's in a locked cabinet, as encrypted hard drives, etc.
This was discovered after on some HTTPS content wasn't working properly, IP where the tracert was ending at our ISP. We notified them of the issue, they then redirected the traffic directly to Microsoft and the problem was solved, the person at the ISP wouldn't give us the details of what exaclty happened for "security reasons" and he said something along the lines that we need to talk to microsoft to solve this issue, we don't want it to keep sending this traffic directly to them. Multiples large clients were affected with the issue, the ISP was also affected by the issue internaly.
No comments:
Post a Comment