British mobile ISP SSL MITM attack for the purposes of censorship

More about the product: <a href="https:&#x2F;&#x2F;umbrella.cisco.com&#x2F;products&#x2F;features" rel="nofollow">https:&#x2F;&#x2F;umbrella.cisco.com&#x2F;products&#x2F;features</a><p>Seems like a very misconfigured deployment, since no normal mobile user will use third party CA to connect via Three. I don&#x27;t expect that this is on purpose.<p>When they did them same thing at OpenDNS (<a href="https:&#x2F;&#x2F;www.snip2code.com&#x2F;Snippet&#x2F;1503745&#x2F;opendns-is-man-in-the-middling-me&#x2F;" rel="nofollow">https:&#x2F;&#x2F;www.snip2code.com&#x2F;Snippet&#x2F;1503745&#x2F;opendns-is-man-in-...</a>) the certificate was valid only for 3 days:<p><pre><code> Issuer: CN=Cisco Umbrella Secondary SubCA nyc-SG, O=Cisco Validity Not Before: Oct 18 20:32:18 2016 GMT Not After : Oct 23 20:32:18 2016 GMT</code></pre>

Full disclosure, that&#x27;s my post, I just thought it would be relevant to your interests. It&#x27;s deplorable how they&#x27;re putting tools in place to infringe on the privacy of an entire country using such dangerous tools as _wikipedia_.

Are the certs self-signed?