[AusNOG] Dutton decryption bill
Mark Andrews
marka at isc.org
Wed Aug 15 14:15:09 EST 2018
We really should encourage more use of DNSSEC and TLSA records which are
designed to all MITM attacks like this to be detected. Australia has
abysmally small DNSSEC take up.
> On 15 Aug 2018, at 2:07 pm, Nick Stallman <nick at agentpoint.com> wrote:
>
> I'd love a government root certificate personally.
>
> It would make it blatantly obvious whenever they wanted to use it. You could also probably sniff it out and block traffic using it even if you couldn't remove it from your device.
>
> On 15/08/18 13:46, Robert Hudson wrote:
>> n Wed, 15 Aug 2018 at 11:46, Martin - StudioCoast <martin.sinclair at studiocoast.com.au> wrote:
>> Enforcing a government run root certificate on Australian sold devices is not out of the realm of possibility...
>> A root certificate would only help them if the application used it as part of its encryption processes - whilst a device root certificate is available to applications, they're not forced to use it.
>>
>>
>> _______________________________________________
>> AusNOG mailing list
>>
>> AusNOG at lists.ausnog.net
>> http://lists.ausnog.net/mailman/listinfo/ausnog
>
> --
> Nick Stallman
> TECHNICAL DIRECTOR
> nick at agentpoint.com
> 02 8039 6820
> www.agentpoint.com.au
>
>
> Level 3, 100 Harris Street, Pyrmont NSW 2009 _______________________________________________
> AusNOG mailing list
> AusNOG at lists.ausnog.net
> http://lists.ausnog.net/mailman/listinfo/ausnog
--
Mark Andrews, ISC
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742 INTERNET: marka at isc.org
More information about the AusNOG
mailing list