zlacker

[parent] [thread] 3 comments
1. Comman+(OP)[view] [source] 2025-12-18 14:10:26
Why worry about E2E encryption, in theory just need a cert issued from a vast array of CAs or intermediates. Which I wouldn't be suprised they possess the ability through some type of secret warrant, heck even private keys.
replies(1): >>JoshTr+Au
2. JoshTr+Au[view] [source] 2025-12-18 16:25:35
>>Comman+(OP)
> Why worry about E2E encryption, in theory just need a cert issued from a vast array of CAs or intermediates.

Certificate Transparency thankfully means this is a tool a government could only use once if at all, and then they've burned an entire CA.

replies(1): >>Comman+tK
◧◩
3. Comman+tK[view] [source] [discussion] 2025-12-18 17:27:44
>>JoshTr+Au
Isn't certificate transparency opt-in, so any trusted CA could be a potential attack route.
replies(1): >>JoshTr+LQ
◧◩◪
4. JoshTr+LQ[view] [source] [discussion] 2025-12-18 17:56:46
>>Comman+tK
Browsers now require it to consider a certificate valid. Firefox, Chrome, and Safari all require a certificate to include proof of being logged in CT logs.
[go to top]