For DNS, there's nothing they really need to do.
If you want to know exactly what's in the packets like what Hack&Lube says, yes you have decrypt them. I suppose the gov't could force ISPs to inject the cert or have their own routers, but everybody in Canada would also have to install the cert as well.
__________________
If you don't pass this sig to ten of your friends, you will become an Oilers fan.
|