Open wkrp opened 3 months ago
An issue was opened at the Mozilla Bugzilla on 2024-02-07 that reports an HTTPS MITM in Kazakhstan. It seems similar to past TLS MITM in Kazakhstan that we have discussed in #6 (2019), #56 (2020), #66.
Bug 1879046: Add New Kazakhstan Root Certificate to OneCRL
Another MITM attempt by the KZ government. When I visit https[]()://m.reactor.cc/, the real certificate is replaced with the one that I attached.
The certificates attached to the report have this period of validity:
Validity Not Before: Jan 4 02:30:22 2024 GMT Not After : Apr 3 02:30:21 2024 GMT
According to a comment in the issue, the CA certificate is https://crt.sh/?id=12281942153. I'm not sure where that comes from. It doesn't seem to match the RSA certificates at https://pki.gov.kz/cert/ (archive).
I found bug 1879046 through a meta-bug to track Kazakhstan interception certificates. The meta-bug has a history of how such certificates have been dealt with in Firefox.
An issue was opened at the Mozilla Bugzilla on 2024-02-07 that reports an HTTPS MITM in Kazakhstan. It seems similar to past TLS MITM in Kazakhstan that we have discussed in #6 (2019), #56 (2020), #66.
Bug 1879046: Add New Kazakhstan Root Certificate to OneCRL
The certificates attached to the report have this period of validity:
According to a comment in the issue, the CA certificate is https://crt.sh/?id=12281942153. I'm not sure where that comes from. It doesn't seem to match the RSA certificates at https://pki.gov.kz/cert/ (archive).
I found bug 1879046 through a meta-bug to track Kazakhstan interception certificates. The meta-bug has a history of how such certificates have been dealt with in Firefox.