undefined | Better HN

0 pointsLoic10y ago0 comments

Some people do not have the rights to online privacy. For example, when accessing a website from the library of a jail. The authorities want and need to know what you do, this for some obvious and understandable reasons. I agree this is a particular case, but this is still a case for allowing a website (as long as this is anonymous usage of it) to be available without SSL.

0 comments

bryanlarsen10y ago

Jails can still use MITM monitoring proxies without disabling SSL: they just have to install certs on the machine.

vbezhenar10y ago

Does it work with sites like Google from Google Chrome where browser knows about their public keys? I think that this will be wide practice in modern browsers.

HSTS/HPKP headers could be stripped by proxy but preloaded public key list probably will require custom browser build.

falcolas10y ago

Yes, it does. Google intentionally adds exceptions from error reporting in the case a root CA was added to the OS.

j / k navigate · click thread line to collapse