> Including the US right? And I don't mean in a conspiratorial sense. Just in the sense that they wouldn't deny it because it's their home country (Say Windows certs or Google certs), and at the very least they can issue warrants, gag orders, or triple letter agency bypasses.
Yeah. I don't think the US explicitly requires it but they don't have to, there are more than enough US-based entities with root certificates who they could send a National Security Letter to if they ever wanted one. (Also the US FKPI root certificate is at least shipped by some vendors, although it seems to be disabled by default)
Yeah. I don't think the US explicitly requires it but they don't have to, there are more than enough US-based entities with root certificates who they could send a National Security Letter to if they ever wanted one. (Also the US FKPI root certificate is at least shipped by some vendors, although it seems to be disabled by default)