Re "Noname Ddosia": It's from the context, if you know your recent infosec history:

"Jüngst wurden damit auch Server von Schweizer Regierungsstellen während des Weltwirtschaftsforums angegriffen – als Retourkutsche für die Teilnahme des ukrainischen Präsidenten Wolodimir Selenski. Eine russlandnahe Gruppierung bekannte sich zum Angriff."

(translation: "Servers of Swiss government offices were recently attacked during the World Economic Forum - as a retaliation for the participation of Ukrainian President Volodymyr Zelensky. A group close to Russia claimed responsibility for the attack.")

Background: https://www.ncsc.admin.ch/ncsc/en/home/aktuell/im-fokus/2023...

But it's not clear to me that's right, isn't WEF in the summer?

Ah, they've been ongoing, here's the earlier one: https://www.ncsc.admin.ch/ncsc/en/home/aktuell/im-fokus/2023...

WEF is in winter

Usually in January, 2021 was in August and 2022 in May.

idk, but it seems like it's not involved in this case as these are just independent Twitter threads from an account that isn't referenced by any of the Wilson Center's own verified accounts which are busy posting their own analysis...

This is lame news. But what I'm curious about is: What are they going to do (if anything) to validate the upstream certificates?

- What will their upstream root certificate policy be?

- If they MITM any old upstream certificate, how will they mitigate the huge target they are painting on Kazakh Internet users?

I would assume their root trust store could be similar to what your browser would use. i.e. a curated set of root CAs with CRL subscription.