Hacker News new | comments | show | ask | jobs | submit login

It's not try it wouldn't do them any good. It just ensures that they can't use the cert to go back and look at old data streams and decrypt them. It doesn't prevent them from using a cert for man in the middle attacks, for example.

But of course one can't mitm all google traffic without someone noticing.

(Discussion releated to this topic is getting quite redundant on HN. Same discussion in every thread.)

Chrome also uses ChannelID.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact