25 Jun
2025
25 Jun
'25
7:34 a.m.
On Tue, Jun 24, 2025 at 10:03 PM Endre Szabo via NANOG <nanog@lists.nanog.org> wrote:
I bet they do on-device TLS MITM. Not sure how easy it is to do that these days, but let’s assume.
Hi Endre, If you're being paid to provide an intentionally restricted Internet access service it's very easy: the middlebox simply blocks any protocol it can't decypher. Basic security protocol: deny by default. Any apps which won't work in that scenario... don't work. And that's what the buyer is paying for. Regards, Bill Herrin -- William Herrin bill@herrin.us https://bill.herrin.us/