Y
Hacker News
new
|
ask
|
show
|
jobs
by
Dumble
955 days ago
The government would be able to obtain a certificate identical to the one of the a website owner (the real one), enabling the mitm attack (for example with the help of ISPs etc).
3 comments
landgenoot
955 days ago
Yes, but you will see that the certificate authority suddenly switches to the Hungarian government, while reading an article.
link
Urd-
955 days ago
How would they get the private key? Or would this CA only allow using certs with private keys they generated instead of using CSRs?
link
ulrikrasmussen
955 days ago
Wouldn't Certificate Transparency make it very visible and obvious if they did that?
link
Avamander
954 days ago
CT would not be allowed if ETSI does not allow it. Neither would distrusting that mis-issuing CA be allowed.
link