[AusNOG] Dutton decryption bill

Martin - StudioCoast martin.sinclair at studiocoast.com.au
Wed Aug 15 14:04:24 EST 2018


The root certificate would facilitate re-encrypting of the connection at 
the ISP end.
Or the government could just force certificate authorities to hand over 
the private keys. There have been reports this might already have 
occurred in other countries.

There have been discussions in the browser community on how to best deal 
with this, there are already a few approved certificate authorities out 
there with government ties:
https://wiki.mozilla.org/CA:GovernmentCAs


On 15/08/2018 1:46 PM, Robert Hudson wrote:
> n Wed, 15 Aug 2018 at 11:46, Martin - StudioCoast 
> <martin.sinclair at studiocoast.com.au 
> <mailto:martin.sinclair at studiocoast.com.au>> wrote:
>
>     Enforcing a government run root certificate on Australian sold
>     devices is not out of the realm of possibility...
>
> A root certificate would only help them if the application used it as 
> part of its encryption processes - whilst a device root certificate is 
> available to applications, they're not forced to use it.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20180815/908b7152/attachment.html>


More information about the AusNOG mailing list