Hacker News new | ask | show | jobs
by mckoss 4094 days ago
You can't selectively block content on an SSL connection w/o having a back door to the encryption keys used to secure the connection. A man in the middle attack would be detectable unless the root certificates were compromised.
1 comments
flyinghamster 4094 days ago
That's where CNNIC comes in. All they need to do is issue their own fake certificate for (insert blocked site here).
link
imron 4094 days ago
Isn't it wonderful to have your own certificate authority.
link