If Kazakhstan MITM certificates could be swiftly banned by all major browsers, it might roll back the requirement (just as it failed in 2016) by paralyzing work. It is also more likely to cause political action and people learning more about the impact of this "policy".
Governments are very slow, and just forking this out would take them months, at which point it's possible to return to the status quo (with extra banners) to mitigate the use of the inferior fork. So, socially, this seems like the best course of action, if it can be quickly coordinated. The real issue is that they can quickly block update servers + instruct the population to disable updates. Which means that banners won't make it through, and the population will stay on today's versions permanently. _______________________________________________ dev-security-policy mailing list dev-security-policy@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security-policy
