Trustwave issued a man-in-the-middle certificate
Certificate authority Trustwave issued a certificate to a company allowing it to issue valid certificates for any server. This enabled the company to listen in on encrypted traffic sent and received by its staff using services such as Google and Hotmail. Trustwave has since revoked the CA certificate and vowed to refrain from issuing such certificates in future.
This is the first case that we are aware of where a respectable certificate authority has enabled third parties to issue arbitrary SSL server certificates for monitoring purposes. Trustwave claims, however, that this is common practice among other root CAs.
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump