[jodrellblank]

They potentially can; commercial firewalls can man-in-the-middle HTTPS traffic with a locally signed and organization-computer-trusted SSL certificate.

[icebraining]

Yes, you're right, in fact I found a few weeks ago that even Squid can do that.

[skeletonjelly]

Fiddler also: http://www.fiddler2.com/fiddler/help/httpsdecryption.asp

Great for debugging third party https stuff.

[FaceKicker]

How does that work? I thought all verification of certificates was done in the browser...

[jevinskie]

IT installs the corporate MITM certificate on all of their computers so the browsers accept them as valid.

[latortuga]

Would this still affect the iPhone 4S though? If I understand this all correctly, I think that corporate IT would have to install the self-signed root cert on your phone for Siri to be MITM'd. There's no reason for your phone to trust it otherwise.