zlacker

>>codero+(OP)
The long-term solution is simply not to work anywhere that insists on running a MITM attack on all of your communications.

>>db48x+D2
Isn't MITM required in enterprise environments where they want to filter content? Unless you want to run it client-side which isn't usually an option.

>>Viper0+U2
There are ways to filter content without breaking user privacy. For example, you could restrict access to the Internet altogether, and suggest that your users only get what they need from your internal corporate network. See how incredibly productive that makes your staff?

What these "enterprise environments" want is to leech off the Internet's knowledge while keeping a firm chokehold on the privacy of their own employees Sadly, it looks like Google is caving in to their pressure.

>>parenn+P3
> Sadly, it looks like Google is finally caving in to their pressure. Maybe someone like Mozilla won't.

All browser vendors provide the necessary bits for properly implemented HTTPS MITM, and have done so for ages (which are fairly simple, basically "allow local trusted certificate roots and ignore key pinning for them").