<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<div class="moz-signature"><font style="font-family: Arial;
font-size: 10pt;">The root certificate would facilitate
re-encrypting of the connection at the ISP end. <br>
Or the government could just force certificate authorities to
hand over the private keys. There have been reports this might
already have occurred in other countries.<br>
<br>
There have been discussions in the browser community on how to
best deal with this, there are already a few approved
certificate authorities out there with government ties:<br>
<a class="moz-txt-link-freetext" href="https://wiki.mozilla.org/CA:GovernmentCAs">https://wiki.mozilla.org/CA:GovernmentCAs</a><br>
<br>
<br>
</font></div>
<div class="moz-cite-prefix">On 15/08/2018 1:46 PM, Robert Hudson
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:CAOu9xN+J-7-gejiAOXJLz=3TUAK4KeMKdiMRcN0uQLCkLMPSgg@mail.gmail.com">
<meta http-equiv="content-type" content="text/html; charset=utf-8">
<div dir="ltr">
<div class="gmail_quote">
<div dir="ltr">n Wed, 15 Aug 2018 at 11:46, Martin -
StudioCoast <<a
href="mailto:martin.sinclair@studiocoast.com.au"
moz-do-not-send="true">martin.sinclair@studiocoast.com.au</a>>
wrote:</div>
<blockquote class="gmail_quote" style="margin:0 0 0
.8ex;border-left:1px #ccc solid;padding-left:1ex">
<div text="#000000" bgcolor="#FFFFFF">
<p>Enforcing a government run root certificate on
Australian sold devices is not out of the realm of
possibility...<br>
</p>
</div>
</blockquote>
<div>A root certificate would only help them if the
application used it as part of its encryption processes -
whilst a device root certificate is available to
applications, they're not forced to use it.</div>
</div>
</div>
</blockquote>
<br>
</body>
</html>