Mozilla takes action against CAs issuing man-in-the-middle certificates
In an email to certification authorities (CAs), the Mozilla Foundation has asked CAs not to issue certificates for sub-CAs which can be used to monitor encrypted data. The request is being made in the context of a recently revealed case, in which Trustwave set up a man-in-the-middle CA.
For the Trustwave CA case see http://www.daemonforums.org/showthread.php?t=6795
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump