https - hopefully not too stupid a question
Francis Davey
fjmd1a at gmail.com
Sat Jun 16 23:56:00 BST 2012
This is the first question I have initiated on this group, so I hope
it does not seem to be too foolish a query.
Reading:
http://fsfe.org/news/2012/news-20120616-01.html
I wondered to what extent the government could put a framework in
place to avoid some of these, in particular the use of https. Could
the government set things up within the UK so that certificates were
forged so that they were able to intercept https in transit?
Assume that the Bill gives them the legal power to require anyone in
the UK to do anything in order to facilitate obtaining comms data
could they use that power to require someone/anyone to issue
certificates purporting to be for sites (like facebook)? I am not sure
how easy it is for a state actor to do this in a way that will affect
ordinary people.
I'm not interested in whether the technically savvy are able to avoid
such action - let us stipulate for the sake of argument that they are.
Thanks.
--
Francis Davey
More information about the ukcrypto
mailing list