by alerque 2534 days ago
Yes, having a root CA certificate like this installed in a client allows the certificate issuer (so in this case the KZ government and anything they authorize ISPs to do) to impersonate any and every other domain. So yes, ALL https traffic to and from that client is subject to intercept.

Why does such a certificate exist in the first place?
It exists to intercept https and potentially other TLS traffic. It exists because everybody can make such a certificate. I made such a CA certificate for my personal use, not to MITM myself, but to issue certificates for some internal services that are out of scope of letsencrypt. Every major desktop OS comes with tools that let you make a CA certificate: Windows does, macOS does, Linux distros usually ship openssl/gnutls/nss tools (as installable packages).

The challenge is not to make it but to get it trusted by the OS and software. The Kazakhstan government solved it by having the ISPs just tell people to install the thing themselves on each and every device they own.

Why does the government want this? To snoop on people. Usually framed as "We need to be able to fight terrorists, criminals and/or foreign enemies who 'abuse' encryption to hide their malicious activities". Though, a lot of times the government will say all people are potential terrorists, and you just don't know if they are until you start snooping on them.

It's not just a thing with authoritarian regimes, either. Australia passed a law which basically forces Australian companies and citizens to add backdoors to any products using end-to-end encryption (thereby effectively disabling end-to-end encryption) so the government can read communication if they want to.

The UK has a law ("snooper charter") that requires companies to "remove or disable" encryption when the government shows up with a warrant.

The US is similarly looking into end-to-end encryption busting legislation. And they have already compelled companies to effectively disable encryption systems, e.g. when a judge ordered lavabit (then the email provider Edward Snowden used) to hand over their encryption keys and install a government-provided device capable of logging all traffic. And let's not forget that for a long time US law classified strong encryption as a "weapon", which meant you could not export encryption easily. Or the NSA e.g. pushing their backdoored encryption-busting PRNG (Dual_EC_DRBG) and weak encryption schemes (Speck, Simon).

German politicians recently started demanding end-to-end encryption busting legislation too, except they said "we do not want to make encryption weaker or insecure, we just want the companies to give us the plaintext data", which once more shows that they didn't think it was necessary to do the most basic research into how this stuff works before talking.

It seems like this is material movement toward actual authoritarianism to me.
Anybody can make one.

You can make one on your own computer, give the result to your friends, tell them to connect through you as a proxy, and intercept everything. The tricky part is that browsers are hard-coded with a list of a few trusted root certificates to trust. In order for the home-baked certificate you just made to do any good, people have to explicitly install it and mark it as trusted. That means you have to distribute your newly minted root certificate and get every endpoint device to accept it manually.

That's what's so sinister about Kazakhstan's approach: by issuing a governmental mandate for citizens to install the certificate they generated, and restricting their internet if they don't, they are effectively bypassing the Internet's current trust system entirely and granting themselves carte blanche access to all their traffic.

Because it takes nothing but an openssl installation (or similar) to generate one?

Anyone can control a (root) certificate - the problem is getting others to trust it. Legitimate use cases might be: you want to intercept (and decrypt) traffic going from your local computer to SSL/TLS endpoints (affects only you), for example. Less clear cut / nice example: a company wants to read your traffic and therefore deploys a cert like this on your computer, and can now snoop on anything you do, https or not.
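The point made in the replies above (anyone can mint a root CA with openssl; the hard part is getting a client to trust it) as a runnable demonstration. This is an added example, not code from the thread: it creates a throwaway root CA, has it sign a certificate for a hostname it does not own, and shows that the same leaf is "untrusted" for a client without the CA and "trusted" for one that installed it. The names `demo-root` and `example.test` are constructed; `leaf_issuer` is the field a client (or an admin auditing a device's trust store) would inspect to notice an unexpected issuing CA.

```shell
#!/bin/sh
# Added example, not from the thread: throwaway root CA with openssl, a leaf it
# signs for a hostname it does not own, and what a client sees with/without
# the CA installed. Names (demo-root, example.test) are constructed.
set -e
WORK=$(mktemp -d)
cd "$WORK"

# Minimal req config so the run does not depend on the system openssl.cnf.
cat > ca.cnf <<'EOF'
[req]
distinguished_name = dn
x509_extensions    = v3_ca
prompt             = no
[dn]
CN = demo-root (constructed)
[v3_ca]
basicConstraints = critical, CA:TRUE
keyUsage         = critical, keyCertSign, cRLSign
EOF

make_ca() {       # self-signed root: a key pair plus a cert that vouches for itself
  openssl req -x509 -newkey rsa:2048 -nodes -keyout ca.key -out ca.crt \
    -days 1 -config ca.cnf >/dev/null 2>&1
}

issue_leaf() {    # $1 = hostname; the CA signs any name, ownership is never checked
  openssl req -new -newkey rsa:2048 -nodes -keyout leaf.key -out leaf.csr \
    -config ca.cnf -subj "/CN=$1" >/dev/null 2>&1
  printf 'subjectAltName=DNS:%s\nbasicConstraints=CA:FALSE\n' "$1" > leaf.ext
  openssl x509 -req -in leaf.csr -CA ca.crt -CAkey ca.key -CAcreateserial \
    -out leaf.crt -days 1 -extfile leaf.ext >/dev/null 2>&1
}

chain_status() {  # $1 = trust store file, $2 = hostname; prints trusted/untrusted
  if openssl verify -CAfile "$1" -verify_hostname "$2" leaf.crt >/dev/null 2>&1
  then echo trusted; else echo untrusted; fi
}

leaf_issuer() {   # the field a client inspects to spot an unexpected issuing CA
  openssl x509 -in leaf.crt -noout -issuer
}

make_ca
issue_leaf example.test
: > empty.pem     # trust store of a client that has NOT installed the CA
echo "client without the CA: $(chain_status empty.pem example.test)"  # untrusted
echo "client with the CA:    $(chain_status ca.crt example.test)"     # trusted
echo "issuer seen by client: $(leaf_issuer)"
```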

Anyone can make one. You can make one if you want to. Getting others to trust and install it is the key - and in this case it is government mandated.

It is not uncommon to see this in companies that (for security, regulatory, or other reasons) need to monitor traffic in and out of their network. They have all the company provided computing devices include their self-generated CA certificate and force all HTTPS traffic through a MitMing proxy in order to do the scanning.