Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Depends, if they have a root (or a wildcard) certificate, they can show you that, and your browser will happily show you a green lock. However, the list of root CAs in your browser is public, for Firefox see [0], and hopefully someone would notice if a VPN provider has access to such an certificate.

(However, that is something that also applies to ISPs, at least Telekom has a CA and therefore a root certificate.)

[0] https://www.mozilla.org/en-US/about/governance/policies/secu...



Consider applying for YC's Fall 2026 batch! Applications are open till July 27.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: