[clug] OT: Protesting the proposed clean feed?
Nathan Rickerby
rickerby at gmail.com
Thu Oct 23 10:21:34 GMT 2008
On Thu, Oct 23, 2008 at 08:56:21PM +1100, Peter Barker wrote:
> I seriously doubt the government will introduce SSL filtering. They may
> be silly enough to start blocking speicific IP addresses, but I think
> having every ISP have access to unencrypted bank transaction information
> would be just too great a risk.
The ISP having access to the unencrypted data is not the only issue.
There are more.
Without a method for seeing the certificate the ISP gets when making the
second https connection, how can you verify they are connecting to the
true intended destination. The connection could be man-in-the-middled
again between the ISP and your bank.
I really can't see the https meddling shenanigans happening any time
soon.
Nathan
More information about the linux
mailing list