Hi Ish,
At 10:47 AM 23-04-2021, Ish Sookun wrote:
>What are your thoughts on the ICT regulator to ask citizens to install a
>CA certificate in their browser in order to access Facebook?
The technical mechanism would be mandatory for anyone in Mauritius
instead of citizens only.
I did a quick test to see how the technical mechanism could be
implemented. Here are two certificates for a social media site:
Version: 3 (0x2)
Serial Number:
07:eb:69:ff:78:12:fd:c8:8d:1d:70:c6:9b:32:a7:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: C = US, O = [CA], CN = [CA]
Validity
Not Before: Jan 12 00:00:00 2021 GMT
Not After : Jan 11 23:59:59 2022 GMT
Version: 3 (0x2)
Serial Number: 16192010974001 (0xeb9ff0ff331)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN = [CA], O = [CA]
Validity
Not Before: Apr 21 18:04:57 2021 GMT
Not After : Apr 23 18:04:57 2022 GMT
It is an additional effort to identify the fake certificate.
In addition, the browser would be using the CA certificate for all
web sites. I don't think that it is a good idea to install such a CA
certificate.
Regards,
S. Moonesamy
Received on Fri Apr 23 2021 - 18:52:52 PST