ndogg writes "Mozilla is considering pulling TeliaSonera from its list of root certificate SSL providers. They have asked for comments on this on their mailing list. They're concerned about the use of the certificates by those governments for spying on its citizens, particularly in Azerbaijan, Kazakhstan, Georgia, Uzbekistan and Tajikistan — where TeliaSonera operates subsidiaries or is heavily invested. Mozilla's concern is that TeliaSonera has possibly issued certificates that allow hardline government servers to masquerade as legitimate websites — so-called man-in-the-middle attacks — and decrypt web traffic. This alleged activity would contradict Mozilla's policy against 'knowingly issuing certificates without the knowledge of the entities whose information is referenced in the certificates.'"
Attend or create a Slashdot 20th anniversary party! DEAL: For $25 - Add A Second Phone Number To Your Smartphone for life! Use promo code SLASHDOT25. Check out the new SourceForge HTML5 Internet speed test. ×