Comment Maybe I missed something (Score 1) 417
but are they actually using this root certificate to "transcrypt" (or whatever the term is for decrypting your traffic and then re-encrypting it with the desired external certificate) - or are they just adding a new certificate to your machine.
I can see plenty of reasons they'd want to do this - for example just allowing you to connect securely to your internal school webmail without them having to pay somebody else for a cert or getting your browser to bleat about how it can't validate the certificate every time you connect.
I can see plenty of reasons they'd want to do this - for example just allowing you to connect securely to your internal school webmail without them having to pay somebody else for a cert or getting your browser to bleat about how it can't validate the certificate every time you connect.