On Sat, 2016-01-09 at 14:11 +0000, Peter Gutmann wrote:
> That would have some pretty bad consequences. With the MITM CA cert enabled,
> Borat [0] can read every Kazakh user's email, but no-one else can. With the
> MITM CA blacklisted, Borat can still read every Kazakh user's email, but so
> can everyone else on the planet. So the choice is between privacy against
> everyone but one party, and privacy against no-one.

I don't understand why blacklisting a MITM CA would enable everyone to read the data that passes through the MITM. Could you please explain? (It sounds like there is either a misunderstanding on your or on my side.)

Thanks
Kai