Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

It's worth noting that Turktrust is not a government agency, and ego.gov.tr is simply the website of the municipal department that controls traffic and public transportation in the capitol city of Ankara. The likelihood that they would use these certificates for malicious purposes is virtually zero.


I'm not an expert on how spy agencies operate, but if they were buying a certificate like this to spy on people I don't think they'd ask to have their own name put on it?

Turkey often blocks websites [1] so they obviously have a problem with some of Google's operations, and have the capability to mess with regular citizens' internet connections.

[1] http://www.edri.org/edrigram/number10.24/ecthr-google-blocki... http://www.bbc.co.uk/news/technology-11659816


Turktrust is part of "Hant-to-hand With Turkish Military Force" and EGO operates Electricity-Gas-otoBus in the capital city, Ankara.


Why ego.gov.tr would need to have a certificate with *.google.com? I don't see any legitimate use case...


It's a fraudulent certificate; why should we believe anything in it?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: