Data

Kazakhstan’s HTTPS Interception Live (Again)

This page is updated with new data every 10 minutes.

Read Report

In a repeat of its efforts from July-August 2019, Kazakhstan recently (starting December 6, 2020) began using a new custom root CA (Information Security Certification Authority CA) to conduct man-in-the-middle (MitM) drills against HTTPS connections to websites including Facebook, Twitter, and Google. We have been tracking the interception, and on this page we provide live results from our measurements of the Kazakh interception system.

Compared to the previous interception attempt in 2019, our remote measurements show that the share of hosts inside Kazakhstan experiencing the interception has increased from ~7% in 2019 to ~11.5% in 2020. The list of targeted domains is similar to the one in 2019, consisting of Google, Facebook, Twitter, VK and mail.ru domains. Because major browser vendors blocked the Qaznet Root certificate that was used in 2019, a new root CA (ISCA) has been established, and the interception system has also been updated.

Number of Vantages Observing MitM (Out of 7764 measured):

Domains Triggering MitM:

The following domains have triggered MitM in Kazakhstan in December 2020. The list is similar to the domains intercepted in July-August 2019.

google.com, youtube.com, facebook.com, vk.com, instagram.com, twitter.com, mail.ru, allo.google.com, android.com, cdninstagram.com, dns.google.com, docs.google.com, encrypted.google.com, goo.gl, mail.google.com, messages.android.com, messenger.com, news.google.com, ok.ru, picasa.google.com, plus.google.com, sites.google.com, tamtam.chat, translate.google.com, video.google.com, vk.me, www.youtube.com, www.messenger.com, www.google.com, www.facebook.com, www.instagram.com, groups.google.com, hangouts.google.com

Incrementing TTL Measurement: Hop before which response was received

The following table shows the Top 5 IPs at which injected responses were received. The Hop IPs are similar to the ones discovered in 2019.

Hop IP          Number of Instances
95.56.243.92    133
95.59.170.57    50
95.59.170.53    42
95.59.172.89    6
91.185.1.86     6
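
The incrementing-TTL localization behind this table can be sketched as follows; this is an added example, not Censored Planet's measurement code. It assumes each probe result is a hypothetical (ttl, kind, source IP, certificate issuer) record, reads "hop before which response was received" as the last router that answered with ICMP before the injected certificate appeared, and uses constructed traces with documentation-range IPs.

```python
from collections import Counter

# Marker taken from the CA name on this page; the exact issuer string
# seen on the wire is an assumption.
MITM_ISSUER = "Information Security Certification Authority"
ISCA = "CN=" + MITM_ISSUER + " CA"

def interception_hop(trace):
    """trace: list of (ttl, kind, src_ip, issuer) probe results, where kind is
    "icmp" (Time Exceeded from a router), "tls" (a certificate came back) or
    "timeout". Returns (ttl, hop_ip) for the lowest TTL that drew an injected
    certificate, or None when the trace shows no interception."""
    by_ttl = {ttl: (kind, src, issuer) for ttl, kind, src, issuer in trace}
    for ttl in sorted(by_ttl):
        kind, _, issuer = by_ttl[ttl]
        if kind != "tls":
            continue
        if MITM_ISSUER not in (issuer or ""):
            return None  # first certificate seen is not the injected one
        prev = by_ttl.get(ttl - 1)
        # The router one hop earlier may not have answered; keep that visible.
        hop = prev[1] if prev and prev[0] == "icmp" else None
        return ttl, hop
    return None

def top_hops(traces, n=5):
    """Count, across vantages, the hop just before the injected response."""
    hops = Counter()
    for trace in traces.values():
        hit = interception_hop(trace)
        if hit:
            hops[hit[1] or "unknown"] += 1
    return hops.most_common(n)

# Constructed sample traces (not measurement data).
TRACES = {
    "vantage-a": [(1, "icmp", "192.0.2.1", None), (2, "icmp", "198.51.100.7", None),
                  (3, "tls", None, ISCA)],
    "vantage-b": [(1, "icmp", "192.0.2.9", None), (2, "icmp", "198.51.100.7", None),
                  (3, "tls", None, ISCA)],
    "vantage-c": [(1, "icmp", "192.0.2.20", None), (2, "timeout", None, None),
                  (3, "tls", None, ISCA)],
    "vantage-d": [(1, "icmp", "192.0.2.30", None), (2, "icmp", "203.0.113.4", None),
                  (3, "tls", None, "CN=Example Public CA")],
}

if __name__ == "__main__":
    for hop, count in top_hops(TRACES):
        print(hop, count)
```
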

© 2021 Censored Planet