Y
Hacker News
new
|
ask
|
show
|
jobs
by
landgenoot
957 days ago
>This enables the government of any EU member state to issue website certificates for interception and surveillance
Wouldn't this be very easy to identify?
1 comments
Dumble
957 days ago
The government would be able to obtain a certificate identical to the one of the a website owner (the real one), enabling the mitm attack (for example with the help of ISPs etc).
link
landgenoot
957 days ago
Yes, but you will see that the certificate authority suddenly switches to the Hungarian government, while reading an article.
link
Urd-
957 days ago
How would they get the private key? Or would this CA only allow using certs with private keys they generated instead of using CSRs?
link
ulrikrasmussen
957 days ago
Wouldn't Certificate Transparency make it very visible and obvious if they did that?
link
Avamander
956 days ago
CT would not be allowed if ETSI does not allow it. Neither would distrusting that mis-issuing CA be allowed.
link