Aren't there private and public keys involved ? Public keys are pre-packaged with clients (Firefox/Chrome/etc), so the state can't just change or fake the private keys.
Maybe they would force all clients to prepackage a government key and then change all infrastructure to pretend all websites use this public key for their https traffic?
Aren't there private and public keys involved ? Public keys are pre-packaged with clients (Firefox/Chrome/etc), so the state can't just change or fake the private keys.
Maybe they would force all clients to prepackage a government key and then change all infrastructure to pretend all websites use this public key for their https traffic?