[GLLUG] Installing SSL certificate at the request of a WiFi provider

John Winters john at sinodun.org.uk
Sun May 8 07:48:13 UTC 2016

Not specifically a Linux question, but I know a lot of knowledgeable
people lurk here so I hope it will be forgiven.

A (physical) site which I visit regularly provides a BYOD WiFi network
to which people can connect their own devices.  You need an individual
WPA2 login in order to connect to it.

Just recently they've announced that they're introducing filtering of
https connections, and thus you will also need to install a certificate
provided by them if you are going to use it to access any https web sites.

Now the only way I can see this working is if they are proposing to
generate spoof certificates, signed by them, for any such sites which
you access, install their web filter as a man-in-the-middle, and thus
have clear-text access to all your supposedly encrypted communication.

Am I reading this correctly, or is there some less malign thing which
they could be doing?  Should I just stop using their WiFi and rely on my
own 4G connection?


-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://mailman.lug.org.uk/pipermail/gllug/attachments/20160508/7513a3f9/attachment.sig>

More information about the GLLUG mailing list