3 comments

[ 3.1 ms ] story [ 17.1 ms ] thread
Is anyone under the illusion that every major ISP is not already doing this?
Yes. None of my TLS connections are signed by untrusted CAs, as this report describes. Additionally, I am able to validate certificate chains of various websites that I visit and see that they are signed by CAs not controlled by my ISP. I have a major US ISP that I would absolutely jump at the opportunity to shit on, but I'm not going to pretend they're doing something that I can verify they aren't.
I doubt it it's happening in a widespread manner - at least for now.