Hacker News new | past | comments | ask | show | jobs | submit login

for all we know NSA may already be doing that all the time, and they're only the worst of the good guys.



Modern browsers require that leaf certificates which are issued in a chain which descends from a built in publicly trusted root include "certificate transparency" information. This means that the certificate has been published in numerous public logs and so would be discovered.

No doubt the NSA intercepts all kinds of things, but they're not doing it with TLS MITM technology (at least not without further additional hacks).


That is, assuming that your downloaded copy of Firefox contains these root certificates and not some different ones.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: