On Sat, 2016-01-09 at 14:11 +, Peter Gutmann wrote:
> That would have some pretty bad consequences. With the MITM CA cert enabled,
> Borat [0] can read every Kazakh user's email, but no-one else can. With the
> MITM CA blacklisted, Borat can still read every Kazakh user's email, but so
> can
On Thursday, January 7, 2016 at 12:08:10 AM UTC+1, Paul Wouters wrote:
> As was in the news before, Kazakhstan has issued a national MITM
> Certificate Agency.
>
> Is there a policy on what to do with these? While they are not trusted,
> would it be useful to explicitely blacklist these, as to mak
Kai Engert writes:
>Independently of the request for inclusion, this group could discuss if the
>Kazakhstan's CAs should be blacklisted, by adding them to the Mozilla CA list
>using negative distrust flags
That would have some pretty bad consequences. With the MITM CA cert enabled,
Borat [0] ca
3 matches
Mail list logo