Closed Bug 1281265 Opened 9 years ago Closed 9 years ago

ISP asks all users to add new trusted authority certificate

Categories

(Core :: Security, defect)

Product:
Core
Component:
Security
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED DUPLICATE of bug 1229827

People

(Reporter: ibmpc.maniac, Unassigned)

Details

Attachments

(1 file)

Сертификат Gamma_RSA.cer
1.04 KB, application/pkix-cert
Details
User Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36 Steps to reproduce: Major Kazakhstan ISP asks end users to add new trusted authority on all devices. Which enable them to do MitM attacks and decrypt private end user data. They provide authority certificate which is not well known and instructions how to install it. They even says "If you do not install this certificate sites like Google and Mail.ru may not work". Original post (in russian) certificate can be found on page. http://telecom.kz/certificate Expected results: I think this authority certificate should be banned inside browser itself to prevent possible end users private data leak. Moreover to prevent major ISP's and countries to do so in future this kind of certificates should be banned as soon as possible to make this idea of forcing/asking users to install authority certificates on all devices "or sites may not work".
We are aware of this issue. I'll ping some folks to see what, if anything, we want to do on a technical level.
Group: firefox-core-security
Status: UNCONFIRMED → RESOLVED
Closed: 9 years ago
Component: Untriaged → Security
Product: Firefox → Core
Resolution: --- → DUPLICATE
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: