<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"><html><head><meta content="text/html;charset=UTF-8" http-equiv="Content-Type"></head><body >Hi John <br><br>Did you ask them how they will ensure their https filter is PCI-CCS compliant and compliant with DPA requirements for dealing with other sensitive data?<br><br>If they do as you suggest they will be storing and processing credit card data and personally identifying data.
<div id="message"></div>
<br id="br3">
<div id="signature"></div>
<div id="content"><blockquote><br> ---- On Sun, 08 May 2016 08:47:50 +0100 <b> gllug@mailman.lug.org.uk </b> wrote ----<br><br><div>Not specifically a Linux question, but I know a lot of knowledgeable <br>people lurk here so I hope it will be forgiven. <br> <br>A (physical) site which I visit regularly provides a BYOD WiFi network <br>to which people can connect their own devices. You need an individual <br>WPA2 login in order to connect to it. <br> <br>Just recently they've announced that they're introducing filtering of <br>https connections, and thus you will also need to install a certificate <br>provided by them if you are going to use it to access any https web sites. <br> <br>Now the only way I can see this working is if they are proposing to <br>generate spoof certificates, signed by them, for any such sites which <br>you access, install their web filter as a man-in-the-middle, and thus <br>have clear-text access to all your supposedly encrypted communication. <br> <br>Am I reading this correctly, or is there some less malign thing which <br>they could be doing? Should I just stop using their WiFi and rely on my <br>own 4G connection? <br> <br>Cheers, <br>John <br> <br>_______________________________________________<br>GLLUG mailing list<br><a href="mailto:GLLUG@mailman.lug.org.uk" target="_blank">GLLUG@mailman.lug.org.uk</a><br><a href="https://mailman.lug.org.uk/mailman/listinfo/gllug" target="_blank">https://mailman.lug.org.uk/mailman/listinfo/gllug</a><br></div></blockquote></div></body></html>