- cross-posted to:
- hackernews@derp.foo
- cross-posted to:
- hackernews@derp.foo
EU Article 45 requires that browsers trust certificate authorities appointed by governments::The EU is poised to pass a sweeping new regulation, eIDAS 2.0. Buried deep in the text is Article 45, which returns us to the dark ages of 2011, when certificate authorities (CAs) could collaborate with governments to spy on encrypted traffic—and get away with it. Article 45 forbids browsers from…
This is really bad. This is the EU taking a page out of the books of Russia, Iran, and the PRC by implementing website blocking and government-issued CAs. Europeans could be at real risk in the event of a democratic backslide.
That’s usually my way to evaluate if a government should have a power. I ask myself if the other side were in charge and had this power, would it be really bad? If the answer is yes, more than likely the government shouldn’t have that power.
Congrats, you are smarter than most people talking about regulations.
I don’t remember this shit ever working.
But I have no doubt that Putin’s mafia will use private CA.