nanog mailing list archives
Re: Russia attempts mandating installation of root CA on clients for TLS MITM
From: William Herrin <bill () herrin us>
Date: Thu, 10 Mar 2022 15:02:31 -0800
On Thu, Mar 10, 2022 at 10:26 AM Eric Kuhnke <eric.kuhnke () gmail com> wrote:
https://bugzilla.mozilla.org/show_bug.cgi?id=1758773 I think we'll see a lot more of this from authoritarian regimes in the future. For anyone unfamiliar with their existing distributed DPI architecture, google "Russia SORM".
Point of clarification: what's happening is that Russian web sites' certificates are expiring and because of the sanctions, their CAs are refusing to renew them. So, Russia has spun up their own CA which is, of course, only present in Russian web browsers. Regards, Bill Herrin -- William Herrin bill () herrin us https://bill.herrin.us/
Current thread:
- Russia attempts mandating installation of root CA on clients for TLS MITM Eric Kuhnke (Mar 10)
- Re: Russia attempts mandating installation of root CA on clients for TLS MITM Jay R. Ashworth (Mar 10)
- Re: Russia attempts mandating installation of root CA on clients for TLS MITM William Herrin (Mar 10)
- Re: Russia attempts mandating installation of root CA on clients for TLS MITM Sean Donelan (Mar 10)
- Re: Russia attempts mandating installation of root CA on clients for TLS MITM Dario Ciccarone (dciccaro) via NANOG (Mar 10)
- Re: Russia attempts mandating installation of root CA on clients for TLS MITM Sean Donelan (Mar 12)
- Re: Russia attempts mandating installation of root CA on clients for TLS MITM Carsten Bormann (Mar 13)
- Re: Russia attempts mandating installation of root CA on clients for TLS MITM Sean Donelan (Mar 17)
- Re: Russia attempts mandating installation of root CA on clients for TLS MITM Masataka Ohta (Mar 13)
- Re: Russia attempts mandating installation of root CA on clients for TLS MITM Miles Fidelman (Mar 13)