In February 2012, Trustwave, one of the CAs trusted by browsers, publicly admitted that it had issued a sub-CA certificate for use by a third-party company to inspect SSL traffic passing through its corporate network. Trustwave defended itself at the time by saying that the issuing of subordinate root certificates to private companies so they can inspect the SSL-encrypted traffic in and out of their networks is a common practice in the industry.
This type of sub-CA certificate usage is frowned upon in the security community, because it subverts the trust of the entire SSL ecosystem. If it falls into the wrong hands, a sub-CA certificate can be used by attackers who control a network's gateway to snoop on the SSL connections of that network's users. This can even be done at the ISP level, or at national level, in countries where the government controls all Internet gateways.
Mozilla said at the time that the use of sub-CA certificates for man-in-the-middle SSL traffic monitoring, even if performed on closed corporate networks, is unacceptable. The browser maker sent an official email to all certificate authorities asking them to immediately revoke all sub-CA certificates used for such purposes and destroy the hardware security modules -- special hardware devices for storing encryption keys -- that contained them.
The generally accepted method of performing SSL traffic inspection on private corporate networks is to generate self-signed CA certificates that then deploy them on all systems and browsers within those networks, in order for them to be trusted only in those environments. This method, however, can be costly and time consuming, especially on very large networks.
The Trustwave incident was not the only case of sub-CA certificate misuse. Back in January, Google, Mozilla and Microsoft blacklisted two sub-CA certificates issued by Turkish Certificate Authority Turktrust, after one of them was used to issue a wildcard certificate for *.google.com without authorization from Google.
Turktrust said at the time that the blacklisted certificates had been issued with sub-CA status by mistake in August 2011 and were actually supposed to be regular certificates. One of them was issued to an agency of the Municipality of Ankara, which later installed it in a firewall appliance with SSL traffic monitoring capabilities.