(resending because the first attempt was not posted to the list) Mozilla has announced our response to the Kazakhstan MITM: https://blog.mozilla.org/blog/2019/08/21/mozilla-takes-action-to-protect-users-in-kazakhstan/ and https://blog.mozilla.org/security/2019/08/21/protecting-our-users-in-kazakhstan/
Note: we're in the process of adding the "Qaznet" root certificate to OneCRL, but you won't yet find it to be revoked. On Wed, Aug 7, 2019 at 8:24 AM RS Tyler Schroder via dev-security-policy < dev-security-policy@lists.mozilla.org> wrote: > News reports[1][2] are now showing that the certificate has been > "cancelled". I do not have a way to verify that it has been revoked > independently at this time. > > Sources: > [1] https://tsarka.org/post/national-certificate-cancelled > [2] > https://www.reuters.com/article/us-kazakhstan-internet-surveillance/kazakhstan-halts-introduction-of-internet-surveillance-system-idUSKCN1UX0VD > _______________________________________________ > dev-security-policy mailing list > dev-security-policy@lists.mozilla.org > https://lists.mozilla.org/listinfo/dev-security-policy > _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
