The root certificate would facilitate re-encrypting of the connection at
the ISP end.
Or the government could just force certificate authorities to hand over
the private keys. There have been reports this might already have
occurred in other countries.
There have been discussions in the browser community on how to best deal
with this, there are already a few approved certificate authorities out
there with government ties:
https://wiki.mozilla.org/CA:GovernmentCAs
On 15/08/2018 1:46 PM, Robert Hudson wrote:
n Wed, 15 Aug 2018 at 11:46, Martin - StudioCoast
<[email protected]
<mailto:[email protected]>> wrote:
Enforcing a government run root certificate on Australian sold
devices is not out of the realm of possibility...
A root certificate would only help them if the application used it as
part of its encryption processes - whilst a device root certificate is
available to applications, they're not forced to use it.
_______________________________________________
AusNOG mailing list
[email protected]
http://lists.ausnog.net/mailman/listinfo/ausnog
