That’s not necessarily very easy. These certs would have to show up in public certificate transparancy logs for most browsers to accept them. If this happens on a government scale it would surely get noticed, though the question remains what you’re left to do if the government forces it anyways…
That’s not necessarily very easy. These certs would have to show up in public certificate transparancy logs for most browsers to accept them. If this happens on a government scale it would surely get noticed, though the question remains what you’re left to do if the government forces it anyways…
See https://en.m.wikipedia.org/wiki/Certificate_Transparency section “Mandatory certificate transparency”