Since getting upgrading my Fusion service to FTTN I have been getting certificate warnings from various apps on my Macbook, including OpenVPN, iTunes, Calendar, etc. What seems to be happening is that ATT is trying to serve an SSL/TLS connection with its own certificate. This could be a bug, but also could be a man-in-the-middle attack: If anyone accepts the attlocal certificate without noticing what they are doing, ATT can now monitor all of their encrypted traffic.
Below is the error message from OpenVPN client.
Below is the error message from OpenVPN client.
Untrusted Certificate warning
Host: ovpn.sonic.net
Reason: X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN: self signed certificate in certificate chain
SHA1 fingerprint: 41:1F:7D:E7:AC:B2:53:2B:A0:CD:5F:F1:E4:A1:76:F2:E7:39:95:93
Subject:
C: US
CN: attlocal.net
O: 2Wire
OU: Gateway Device
Issuer:
C: US
CN: Gateway Authentication
O: 2Wire
OU: Gateway Device
serialNumber: 36161N078826