Search Mailing List Archives

Limit search to: Subject & Body Subject Author
Sort by: Reverse Sort
Limit to: All This Week Last Week This Month Last Month
Select Date Range     through    

[liberationtech] French Government doing SSL MITM

Maxim Kammerer mk at
Sun Dec 8 09:51:50 PST 2013

On Sun, Dec 8, 2013 at 6:14 PM, andrew cooke <andrew at> wrote:
> Despite it being used on a private network, and with user consent, it is
> reportedly a violation of procedures.  Google classify it as a "serious
> breach".

First, it doesn't matter how Google classifies the violation, as it is
a private company that does not hold any definitive authority on the
matter, regardless of whatever spin they try to put on their blog

Now, it's possible that the French can't be trusted with properly
handling intermediate CAs, and that as a result ANSSI should be held
responsible and have its IGC/A root certificates [1–2] revoked from
browsers' trusted stores, but it doesn't mean that the incident is
some case of a government agency trying to covertly spy on citizens or


Maxim Kammerer
Liberté Linux:

More information about the liberationtech mailing list