Hacker News new | past | comments | ask | show | jobs | submit login

> In practice, governments will probably just MITM the connection

If they routinely MITM connections they will quickly be found out, and the CA would be removed from browsers.




Except China has their own browser made by a state controlled company that a lot of people use. This browser is already demonstrated to accept the government CA and ordinary people in China don't care.


What's the browser, or do you mean Opera?


360 Secure Browser by Qihoo, we saw back in 2014 that it was already compromised then: https://en.greatfire.org/blog/2014/oct/china-collecting-appl...


If some websites will break down in this browser while working in other browsers, people will probably notice.


Why would they break? If the MITM certificate is trusted at the local level, everything should work fine in their browsers.


Except some pages won't be there (that's what censorship is isn't it?)




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: