Hacker News new | past | comments | ask | show | jobs | submit login

What root cert would they us for that?

The government of my country has at least one certificate that's trusted by Mozilla (and I guess Chrome and Windows too) by default.

It won't stay trusted if it is actively used for MITM attacks. At least that's the idea.

You mean CA? There are many options depending on which agency and which target you are talking about. They have few options from stealing a CA from a legitimate CA user if the want anonymity or use one that is built in to your browsers or systems somebody else already pointed out in the thread.

Applications are open for YC Winter 2020

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | Legal | Apply to YC | Contact