lazide 3 days ago

Not if they have a root cert.

viraptor 3 days ago

That's not a property of QUIC. Yes, if you trust both sides, then you trust both sides. That's not what people normally understand as MitM.

lazide 2 days ago

Pre-cert usage/issuance lists, it would take a keen eye to spot auto-mitm using root certs.

Thorrez 3 days ago

If China uses a root cert to issue bogus certs, that'll get caught by certificate transparency. Assuming people use browsers that enforce certificate transparency.

eptcyka 3 days ago

Kazakhstan literally forced their own cert for lots of popular sites for a while, expecting users to click through and accept them. It was made illegal to not accept government certificates.

esafak 3 days ago

https://en.wikipedia.org/wiki/Kazakhstan_man-in-the-middle_a...

Thorrez 2 days ago

Was Kazakhstan successful? esafak's link seems to imply it wasn't very successful.

Anyways, my point wasn't that a government can't MITM using a root cert. My point is that the government can't do so secretly. The whole world will know if they try.