
Reports of AT&T intercepting and re-signing TLS - finnn
https://www.reddit.com/r/sysadmin/comments/6qvg48
======
aphextron
Is anyone under the illusion that every major ISP is not already doing this?

~~~
finnn
Yes. None of my TLS connections are signed by untrusted CAs, as this report
describes. Additionally, I am able to validate certificate chains of various
websites that I visit and see that they are signed by CAs not controlled by my
ISP. I have a major US ISP that I would absolutely jump at the opportunity to
shit on, but I'm not going to pretend they're doing something that I can
verify they aren't.

